stock_ticker
Pass
Audited by Gen Agent Trust Hub on Feb 25, 2026
Risk Level: SAFE
COMMAND_EXECUTION DATA_EXFILTRATION PROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill executes a local script get_stock.py using the run_skill_script capability. Ticker symbol inputs are processed within the script to normalize formatting and remove punctuation, reducing common command injection risks.
- [DATA_EXFILTRATION]: The Python script performs outbound network GET requests to finviz.com. This operation is consistent with the skill's stated purpose and utilizes a well-known financial service for data retrieval; no sensitive local files or credentials are accessed or transmitted.
- [PROMPT_INJECTION]: The skill processes external web data, creating an indirect prompt injection surface.
  - Ingestion points: The scripts/get_stock.py file retrieves external HTML content from finviz.com.
  - Boundary markers: No specific delimiters or instructions to ignore embedded content are used in the prompt instructions.
  - Capability inventory: The skill has the capability to execute local scripts and process their output.
  - Sanitization: The risk is mitigated by the script's implementation, which uses BeautifulSoup to extract only specific, structured HTML elements (price, company name, industry) rather than allowing the model to process raw, untrusted text as instructions.
Audit Metadata