Octagon Financial Research: is it safe to use?
Octagon Financial Research passed our review (85/100); two cautions worth knowing: all queries reach Octagon's API and it needs your API key.
What we found
Octagon Financial Research passed our security and privacy review with a score of 85/100. We found no prompt injection, no hidden directives, no data exfiltration of local files, no hardcoded secrets, no dangerous or destructive commands, no obfuscated payloads, and no attempts to escalate privileges. The skill instructions are plain, readable markdown describing an analyst workflow.
Two items are worth knowing before you install, and both are by design rather than defects. First, every skill routes through the Octagon MCP server, so the tickers and queries you enter travel over the internet to Octagon's financial data API. Second, the skill requires an Octagon API key set as an environment variable; in what we reviewed, that key is used for Octagon authentication and is not read or forwarded elsewhere.
What to do instead
You can use this skill as intended. If your queries could be sensitive, treat them as data shared with a third party and review Octagon's data handling terms first. Store the API key as an environment variable, never in shared files or version control, and rotate it if exposed. Grant it the minimum scope Octagon offers.
Source: https://github.com/OctagonAI/skills
We report what our security review found at the time we checked, with the goal of keeping people safe. Projects change; if a maintainer has since fixed this, we are glad to recheck it. Email hello@agentpod.com.