AGENT LAB: SKILLS

personal-finance-coach

Pass

Audited by Gen Agent Trust Hub on Feb 17, 2026

Risk Level: SAFE
EXTERNAL_DOWNLOADS, COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
  • Indirect Prompt Injection (LOW): The skill has an attack surface for indirect prompt injection as it processes external web content and maintains high-privilege tool access.
      • Ingestion points: Untrusted data enters the agent context via mcp__firecrawl__firecrawl_search and WebFetch tools (as described in SKILL.md).
      • Boundary markers: Absent. There are no instructions or delimiters in the analyzed files to separate untrusted external data from the system prompt.
      • Capability inventory: The skill has access to Bash, Write, and Edit tools, allowing for system-level execution and file modification.
      • Sanitization: Absent. No logic is provided to sanitize, escape, or validate content retrieved from the web.
  • External Downloads (SAFE): The skill requests the installation of numpy, scipy, and pandas. These are well-known, reputable Python libraries installed from the official PyPI registry.
  • Command Execution (SAFE): The skill requests access to the Bash tool for running mathematical simulations (e.g., Monte Carlo simulations in references/withdrawal-math.md and portfolio optimization in references/investment-theory.md). The included scripts are benign and align with the skill's primary purpose.
Audit Metadata
  • Risk Level: SAFE
  • Analyzed: Feb 17, 2026, 04:31 PM