trade-sentiment
Pass
Audited by Gen Agent Trust Hub on May 16, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill is vulnerable to indirect prompt injection through its data ingestion process.
- Ingestion points: The agent performs at least 6 targeted web searches (News, Reddit, X/Twitter, Analyst ratings, Institutional filings, Short interest) to gather sentiment data from untrusted external sources.
- Boundary markers: The instructions do not define clear boundary markers or delimiters for the fetched search content to prevent it from being interpreted as instructions by the LLM.
- Capability inventory: The skill has the capability to write the analysis results to a markdown file (
TRADE-SENTIMENT-<TICKER>.md) in the current working directory. - Sanitization: There is no mention of sanitizing or escaping the content retrieved from the web before it is analyzed and scored.
Audit Metadata