stock-screener
Pass
Audited by Gen Agent Trust Hub on Feb 16, 2026
Risk Level: LOW
Full Analysis
- Prompt Injection (SAFE): No instructions found that attempt to override system safety guidelines or bypass constraints. The prompt logic is focused on parsing financial parameters (market range, PE ratio, etc.).
- Data Exposure & Exfiltration (SAFE): No hardcoded credentials or access to sensitive local file paths (like ~/.ssh or ~/.aws) are present. The data handled is public stock market information.
- Obfuscation (SAFE): No Base64, zero-width characters, homoglyphs, or encoded strings were found in the skill metadata or body.
- Unverifiable Dependencies (LOW): The skill requires the 'stock-sdk' MCP server. While this is an external dependency, it is a configuration requirement for the host environment rather than a runtime script download or RCE vector. Standard safety depends on the implementation of the host's stock-sdk.
- Indirect Prompt Injection (LOW): The skill ingests untrusted external data (stock quotes/names) via the 'stock-sdk'.
- Ingestion points: Data enters through tools like 'get_all_a_share_quotes'.
- Boundary markers: Absent in the example output, though the logic is structured.
- Capability inventory: Limited to read-only tool calls and markdown table generation. No file-write or shell-execute capabilities are present.
- Sanitization: Not explicitly defined, but the risk is low as the data is used for display and simple numeric filtering.
Audit Metadata