financial-analyst
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFENO_CODE
Full Analysis
- [NO_CODE] (SAFE): The skill package does not contain the executable Python scripts (ratio_calculator.py, dcf_valuation.py, budget_variance_analyzer.py, and forecast_builder.py) described in the SKILL.md file. Analysis was restricted to the markdown documentation, templates, and JSON assets.
- [SAFE] (SAFE): No evidence of prompt injection, hardcoded credentials, data exfiltration, or obfuscation was found in the provided files. The content is consistent with its stated purpose of providing financial modeling tools for analysts.
- [Indirect Prompt Injection] (SAFE): While the skill defines a workflow for ingesting external financial data via JSON, which is an attack surface, the provided templates do not exhibit instructions that would facilitate the execution of embedded commands. Without the underlying calculation scripts, no active vulnerability can be confirmed.
Audit Metadata