financial-modeling-maestro
Pass
Audited by Gen Agent Trust Hub on Mar 4, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: No malicious behavior, safety bypasses, or suspicious logic patterns were found in the codebase or metadata.- [COMMAND_EXECUTION]: The skill uses
yargsto handle file paths for reading input and writing output. File system operations are managed via standard Node.js APIs and agent-provided secure I/O utilities.- [PROMPT_INJECTION]: The skill ingests external JSON data through an input file, representing an indirect injection surface. This risk is minimized because the data is strictly used for mathematical projections and not interpreted as instructions: - Ingestion points: File read in
src/index.ts. - Boundary markers: Not present.
- Capability inventory: File system read/write.
- Sanitization: JSON data is parsed and used for arithmetic in
src/lib.ts.
Audit Metadata