backtesting-trading-strategies
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFE
Full Analysis
- [EXTERNAL_DOWNLOADS] (SAFE): The skill requires standard, well-maintained libraries such as pandas, yfinance, and matplotlib from the official Python Package Index (PyPI) for its core functionality.\n- [DATA_EXFILTRATION] (SAFE): Outbound network requests are limited to fetching financial price data from established providers. No sensitive local files, such as SSH keys or environment variables, are accessed or transmitted.\n- [PROMPT_INJECTION] (SAFE): The skill ingests data from external APIs. However, because the data consists of numeric financial figures (prices, volumes) that are processed mathematically, there is no realistic path for indirect prompt injection to influence the agent.\n
- Ingestion points: scripts/fetch_data.py retrieves data via yfinance and the CoinGecko API.\n
- Boundary markers: Not present, though numeric data streams inherently minimize injection risks.\n
- Capability inventory: The skill is permitted to run local Python scripts and perform file system operations for data caching and report generation.\n
- Sanitization: Data is parsed into structured formats by standard libraries (pandas and json), preventing raw external strings from being interpreted as instructions.
Audit Metadata