stock-daily-analysis
Fail
Audited by Gen Agent Trust Hub on Mar 2, 2026
Risk Level: HIGH
REMOTE_CODE_EXECUTION, COMMAND_EXECUTION, PROMPT_INJECTION, EXTERNAL_DOWNLOADS
Full Analysis
- [REMOTE_CODE_EXECUTION]: The scripts/setup.sh and scripts/update.sh scripts clone and execute source code from an external, third-party GitHub repository (github.com/ZhuLinsen/daily_stock_analysis) that is not listed as a trusted vendor. This allows for arbitrary code execution from an unverified source.
- [COMMAND_EXECUTION]: scripts/market_data_bridge.py utilizes subprocess.run to execute Python scripts. The execution path is dynamically constructed using a configurable variable (market_data_skill_path) from the config.json file, allowing the execution of local files through the agent.
- [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection within scripts/ai_analyzer.py.
  - Ingestion points: Financial data including stock names and technical indicators are fetched via akshare and interpolated into the _build_prompt method.
  - Boundary markers: None; the data is directly embedded into the natural language prompt.
  - Capability inventory: The skill has the capability to execute subprocesses (via market_data_bridge.py) and perform network operations.
  - Sanitization: There is no evidence of sanitization or escaping of the stock data before it is sent to the LLM.
- [EXTERNAL_DOWNLOADS]: The skill performs external downloads during setup, fetching Python packages from PyPI and source code from external Git repositories via pip and git commands.
Recommendations
- AI detected serious security threats