tushare-api
Warn
Audited by Gen Agent Trust Hub on Feb 16, 2026
Risk Level: MEDIUM
EXTERNAL_DOWNLOADS, DATA_EXFILTRATION, PROMPT_INJECTION
Full Analysis
- [Unverifiable Dependencies] (MEDIUM): The skill requires the installation of the `tushare` Python package. Since this package and its author's repository are not within the defined trusted scopes, it is classified as an unverifiable dependency.
- [Indirect Prompt Injection] (LOW): The skill possesses a vulnerability surface for indirect prompt injection by processing external content.
  - Ingestion points: Financial data is fetched from the Tushare API (`api.tushare.pro`), and simulated news content is read from `docs/daily-reports/ai_daily_report_20260208.md`.
  - Boundary markers: Absent. There are no delimiters or instructions to help the agent distinguish between data and system instructions.
  - Capability inventory: The skill can perform network requests to the Tushare API and display data. It lacks higher-privilege capabilities such as arbitrary code execution or file system modification.
  - Sanitization: None. There is no evidence of filtering for malicious instructions within fetched data.
  - Self-referential content: The news report in the `docs` folder includes mentions of 'OpenClaw safety vulnerabilities', which is a self-referential pattern capable of influencing agent reasoning regarding its own security context.
- [Data Exposure & Exfiltration] (LOW): The skill performs network requests to an external API (api.tushare.pro). This is expected behavior for a financial tool but represents a point of external data transmission.
Audit Metadata