dcf-model
Pass
Audited by Gen Agent Trust Hub on Feb 25, 2026
Risk Level: SAFEDATA_EXFILTRATIONCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [External Data Ingestion]: The skill retrieves financial data from external sources such as SEC filings and analyst reports. While this is necessary for financial modeling, it creates a surface for indirect prompt injection where instructions could theoretically be hidden in the data. The skill mitigates this through a structured validation process and the use of a specialized validation script.
- [Local Script Execution]: The workflow requires executing a local Python script (
recalc.py) to ensure formula accuracy in the generated Excel models. This execution is part of the quality assurance pipeline and is restricted to the skill's internal validation tools. - [Network Activity]: The skill uses well-known libraries like
yfinanceandrequeststo fetch market data and stock prices. These network operations are directed at established financial data providers and are a requirement for the primary function of equity valuation.
Audit Metadata