alphaear-reporter

Pass

Audited by Gen Agent Trust Hub on May 7, 2026

Risk Level: SAFE
PROMPT_INJECTION
Full Analysis
  • [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection (Category 8) because it fetches and processes data from external news APIs and web search results. Maliciously crafted data from these sources could attempt to influence the agent's behavior or override its internal logic. The skill uses boundary markers to separate external content from instructions, which provides a degree of protection but does not eliminate the risk from sophisticated adversarial data.
      • Ingestion points: scripts/utils/content_extractor.py (fetches web content via Jina Reader API), scripts/utils/news_tools.py (fetches news from the NewsNow API).
      • Boundary markers: Present in scripts/prompts/fin_agent.py (e.g., === 原始信号 ===) and scripts/prompts/report_agent.py to delimit untrusted data.
      • Capability inventory: The agent can search the web, fetch real-time news, read and write to a local SQLite database (data/signal_flux.db), and generate HTML charts.
      • Sanitization: Implements robust JSON extraction and comment stripping in scripts/utils/json_utils.py, though it lacks explicit sanitization to filter out prompt-injection patterns from external text.
  • [EXTERNAL_DOWNLOADS]: The skill fetches data and software components from several well-known services. These are legitimate operations consistent with the skill's purpose.
      • Financial Data: Fetches stock lists and historical prices using the akshare library, which interacts with public financial endpoints.
      • News & Sentiment: Connects to newsnow.busiyi.world for real-time news and gamma-api.polymarket.com for prediction market data.
      • Models: Downloads pre-trained models from Hugging Face, including sentence-transformers for embeddings and BERT-based models for sentiment analysis.
  • [COMMAND_EXECUTION]: The skill executes Python scripts for data visualization and model training. Static analysis hints regarding eval() calls were found to be false positives, as they refer to PyTorch's model.eval() method for setting evaluation mode and ast.literal_eval() for safe string-to-dictionary conversion.
Audit Metadata
  • Risk Level: SAFE
  • Analyzed: May 7, 2026, 05:57 PM