@1363/dub-trading-skill
Pass
Audited by Gen Agent Trust Hub on Mar 27, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [SAFE]: No malicious patterns, data exfiltration, or unauthorized command execution were detected. The skill is primarily instructional and focused on a user's personal trading journal and strategy.
- [PROMPT_INJECTION]: The skill contains a 'Skill Evolution' section directing the agent to self-modify its own instruction file (
SKILL.md). While designed for personalization and strategy refinement, this pattern constitutes a vulnerability surface for indirect prompt injection if the agent incorporates untrusted external data, such as market sentiment or summaries, into these updates without sanitization. - Ingestion points: Market observations, technical analysis data, and user-provided trade feedback.
- Boundary markers: Absent.
- Capability inventory: Instructions to modify the agent's core configuration and instruction file.
- Sanitization: None mentioned.
Audit Metadata