stock-cross-verify
Pass
Audited by Gen Agent Trust Hub on Mar 18, 2026
Risk Level: SAFE
Findings: COMMAND_EXECUTION, EXTERNAL_DOWNLOADS, PROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill uses shell commands to execute various Python and Node.js scripts for data collection.
  - Evidence: Commands like `python3 {gangtise}/scripts/query_kb.py`, `node {searchx}/scripts/search.js`, and `bash {warroom}/scripts/init_war_room.sh` are triggered with user-provided parameters.
- [EXTERNAL_DOWNLOADS]: It retrieves content from external sources including Reddit, X/Twitter, and NewsAPI.
  - Evidence: Integration with multiple external APIs to gather market sentiment and news reports.
- [PROMPT_INJECTION]: The skill processes untrusted content from social media platforms, creating an attack surface for indirect prompt injection.
  - Ingestion points: Data from Reddit and X/Twitter is fetched in Phase 2 into the `output/sources/` directory.
  - Boundary markers: There are no explicit delimiters or instructions in the Phase 3 prompt to treat the gathered data as untrusted or to ignore instructions contained within it.
  - Capability inventory: The agent has filesystem access and shell execution capabilities, which could be misused if influenced by malicious external data.
  - Sanitization: No sanitization process is described for the retrieved external text before it is presented to the LLM.
Audit Metadata