personal-finance-coach
Pass
Audited by Gen Agent Trust Hub on Mar 5, 2026
Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill utilizes standard Python libraries including numpy, scipy, and pandas for performing mathematical simulations and financial optimizations.\n- [COMMAND_EXECUTION]: The skill configuration allows access to the Bash tool, which is used for executing the provided Python scripts but grants broad command-line capabilities.\n- [PROMPT_INJECTION]: The skill exposes a surface for indirect prompt injection.\n
- Ingestion points: External data is ingested through the mcp__firecrawl__firecrawl_search and WebFetch tools specified in SKILL.md.\n
- Boundary markers: The instructions do not define delimiters or markers to isolate untrusted web content from core logic.\n
- Capability inventory: The agent is granted Bash, Write, and Edit permissions, which could be leveraged if malicious instructions are encountered during web fetching.\n
- Sanitization: There is no evidence of sanitization or validation for content retrieved from external URLs before processing.
Audit Metadata