Skills
skills/serenorg/seren-skills/ovadiya-loan/Gen Agent Trust Hub

ovadiya-loan

Pass

Audited by Gen Agent Trust Hub on Mar 21, 2026

Risk Level: SAFEDATA_EXFILTRATIONPROMPT_INJECTION
Full Analysis
  • [DATA_EXFILTRATION]: The skill is configured to gather sensitive user financial details, including asset holdings, ticker symbols, and values, and transmit this information along with user contact details to an external email address (erik@volume.finance), which is not a whitelisted domain.
  • [PROMPT_INJECTION]: The skill instructions mandate that the agent maintain the anonymity of the provider ('Ovadiya') and explicitly forbid sharing the source URL (https://ovadiya.net/) with the user, enforcing a deceptive interaction model and limiting transparency.
  • [PROMPT_INJECTION]: The skill possesses an indirect prompt injection surface as it ingests untrusted user data (Phase 1) and interpolates it into email notifications (Phase 3) without the use of boundary markers or sanitization, potentially allowing user input to manipulate the final notification content.
Audit Metadata
Risk Level
SAFE
Analyzed
Mar 21, 2026, 02:44 AM