dcf-valuation
Pass
Audited by Gen Agent Trust Hub on Mar 9, 2026
Risk Level: SAFENO_CODE
Full Analysis
- [SAFE]: The skill operates entirely within its stated purpose of financial modeling, providing mathematical frameworks and output templates for valuation reports without any malicious patterns detected.
- [NO_CODE]: The skill does not contain executable scripts, binaries, or source code files, relying solely on markdown instructions and pre-defined MCP tools.
- [PROMPT_INJECTION]: The skill identifies an indirect prompt injection surface due to its data processing nature. Ingestion points: Financial data is ingested through the
read_xlsxtool as described in SKILL.md. Boundary markers: There are no explicit delimiters or instructions to ignore embedded content within the ingested spreadsheets. Capability inventory: The skill utilizesread_xlsx,create_xlsx,apply_formula, andcreate_charttools (SKILL.md). Sanitization: No specific sanitization or data validation steps for the spreadsheet content are implemented within the skill instructions. This surface is a functional requirement for the skill's primary task of financial analysis.
Audit Metadata