trader-train
Warn
Audited by Gen Agent Trust Hub on Jun 13, 2026
Risk Level: MEDIUM
EXTERNAL_DOWNLOADS, COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill attempts to install the `neural-trader` package from the public npm registry if it is not already available in the environment.
  - Evidence: `npm ls neural-trader 2>/dev/null || npm install --ignore-scripts neural-trader` in `SKILL.md`.
- [COMMAND_EXECUTION]: The skill executes the `neural-trader` command-line tool via `npx` using user-provided arguments, which allows for arbitrary execution of the downloaded package's logic.
  - Evidence: Multiple instances of `npx neural-trader` with various flags in `SKILL.md`.
- [PROMPT_INJECTION]: The skill exhibits an indirect prompt injection surface (Category 8) by including user-controlled variables in shell commands without visible sanitization.
  - Ingestion points: The `TICKER` variable provided by the user is interpolated into `npx` commands.
  - Boundary markers: Absent.
  - Capability inventory: Shell command execution via `Bash` (specifically `npx`).
  - Sanitization: No sanitization or validation of the ticker input is present in the instructions.
Audit Metadata