estimate-analysis
Pass
Audited by Gen Agent Trust Hub on Apr 1, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill downloads the yfinance package from the Python Package Index (PyPI) and retrieves financial data from Yahoo Finance. Both are legitimate and well-known sources for the skill's functionality.
- [COMMAND_EXECUTION]: The skill performs a dependency check using dynamic context injection at load time and uses subprocess to install the yfinance library if it is not present. These commands are localized to dependency management and do not exhibit malicious behavior.
Audit Metadata