stock-feed
Pass
Audited by Gen Agent Trust Hub on Jun 17, 2026
Risk Level: SAFE (COMMAND_EXECUTION, EXTERNAL_DOWNLOADS)
Full Analysis
- [COMMAND_EXECUTION]: The skill executes a local Python engine (scripts/stock_feed.py) to perform data aggregation and report generation tasks. It also uses the system's open command to automatically display the generated HTML report to the user.
- [EXTERNAL_DOWNLOADS]: The skill makes network requests to https://redfox.hk/story/api/multiPlatform/workSearch to retrieve real-time social media discussion data. As this is the official API of the skill's author, it is considered a legitimate vendor resource.
- [DATA_EXPOSURE]: The script reads API authentication keys from environment variables (REDFOX_API_KEY, X_API_KEY) or a local configuration file at ~/.qoder/apis/redfox.json. This is standard practice for managing API access to the vendor's services.
- [PROMPT_INJECTION]: The skill is subject to an indirect prompt injection surface, as it ingests and processes untrusted third-party content from social media platforms.
  - Ingestion points: Social media post titles, descriptions, and author names are retrieved from the API and provided to the agent for summarization.
  - Boundary markers: The skill does not explicitly define strict delimiters for external content in its instructions.
  - Capability inventory: The agent has access to the Bash, Write, and WebSearch tools, which could be targeted if the agent ignores its instructions and follows commands embedded in social media text.
  - Sanitization: The Python script performs basic character escaping and length truncation for HTML generation, though the agent analyzes the narrative content of the posts directly.
Audit Metadata