The Agent Skills Directory

[SAFE]: The skill's primary functionality involves sending user prompts and reference files to the AnyGen OpenAPI (www.anygen.io). This is consistent with the vendor name 'anygenio' and the stated purpose of financial research.
[SAFE]: API keys are managed securely. The skill provides instructions and scripts to store the ANYGEN_API_KEY in a configuration file (~/.config/anygen/config.json) with restricted file permissions (chmod 600), which is a security best practice.
[SAFE]: The skill implements a clear consent model, explicitly stating that it will not read or upload files without the user's explicit --file argument and prior approval.
[SAFE]: Usage of the sessions_spawn capability is restricted to background monitoring of research tasks. The subagent prompts are well-defined, focus on status polling, and use a specific command-based communication protocol (ANNOUNCE_SKIP) to avoid duplicate output or prompt leakage.
[SAFE]: The skill processes external financial documents (PDFs, transcripts), which presents a potential surface for indirect prompt injection. However, the skill includes instructions to summarize key points rather than pasting raw content, and the risks are inherent to the intended financial analysis use case.

anygen-financial-research