Skills
skills/zubair-trabzada/ai-trading-claude/trade-compare/Gen Agent Trust Hub

trade-compare

Pass

Audited by Gen Agent Trust Hub on May 16, 2026

Risk Level: SAFEPROMPT_INJECTION
Full Analysis
  • [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection because it processes untrusted data from web searches and interpolates it into the agent's context without sanitization.
  • Ingestion points: Multiple WebSearch instructions in SKILL.md (Steps 1 through 9) gather data from external websites.
  • Boundary markers: The skill lacks explicit instructions for the agent to ignore or delimit instructions that might be embedded in the retrieved web content.
  • Capability inventory: The skill has the capability to write to the file system (generating TRADE-COMPARE-<T1>-vs-<T2>.md).
  • Sanitization: No content validation or escaping mechanisms are specified for the search results before they are processed.
Audit Metadata
Risk Level
SAFE
Analyzed
May 16, 2026, 01:20 PM
Security Audit — agent-trust-hub — trade-compare