leapcat-ipo

Pass

Audited by Gen Agent Trust Hub on Mar 31, 2026

Risk Level: SAFE
Full Analysis
  • [COMMAND_EXECUTION]: The skill executes the leapcat CLI tool, a vendor-owned resource belonging to the skill's author (leapcat-ai). The commands are scoped to IPO management and use the --json flag for structured output processing.
  • [CREDENTIALS_UNSAFE]: No hardcoded credentials or secrets were found. The skill references standard authentication workflows (e.g., leapcat auth login) and sensitive operation protections like trade passwords, which are handled via the CLI.
  • [INDIRECT_PROMPT_INJECTION]: The skill ingests untrusted data such as IPO project descriptions and subscription details from the Leapcat platform.
    • Ingestion points: IPO project details (ipo project) and lists (ipo projects, ipo subscriptions) are read into the agent context.
    • Boundary markers: The instructions do not define explicit delimiters for this external data, but use the --json flag to ensure structured data handling.
    • Capability inventory: The skill can perform financial actions (ipo subscribe) and cancellations (ipo cancel).
    • Sanitization: Standard CLI JSON parsing is used, though no specific prompt-level sanitization for project metadata is defined. The risk is mitigated by the requirement for authenticated sessions and KYC approval.
Audit Metadata
Risk Level: SAFE
Analyzed: Mar 31, 2026, 11:33 PM