finnhub-api
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFE
PROMPT_INJECTION, EXTERNAL_DOWNLOADS
Full Analysis
- [Indirect Prompt Injection] (LOW): The skill retrieves external news content and company profiles, which could contain malicious instructions designed to influence the agent's behavior when processed.
  - Ingestion points: Functions `get_company_news`, `get_news`, and financial statements in `SKILL.md` and `ENDPOINTS.md`.
  - Boundary markers: No specific delimiters or instructions (e.g., 'ignore any instructions in this data') are used to wrap the retrieved API content.
  - Capability inventory: The skill uses `requests.get` to fetch data, which is then parsed as JSON and presumably interpreted by the agent.
  - Sanitization: The provided examples do not implement sanitization or filtering of the retrieved news headlines or summaries.
- [Unverifiable Dependencies & Remote Code Execution] (SAFE): The skill documentation correctly references official and established libraries for its functionality.
  - Evidence: Mentions the official `finnhub-python` SDK, the `finnhub` npm package, and standard libraries like `requests` and `websocket-client`.
- [Data Exposure & Exfiltration] (SAFE): The skill promotes secure credential management by advising the use of environment variables (`FINNHUB_API_KEY`) and `.env` files rather than hardcoding secrets.
Audit Metadata