stock-correlation
Pass
Audited by Gen Agent Trust Hub on Mar 14, 2026
Risk Level: SAFE
Full Analysis
- [COMMAND_EXECUTION]: The skill instructs the agent to use
subprocess.check_callto install necessary Python libraries (yfinance,pandas,numpy). This is a controlled initialization step for standard, well-known packages. - [EXTERNAL_DOWNLOADS]: The skill fetches historical stock data and company information from Yahoo Finance. This external communication is essential for the skill's functionality and targets a well-known service.
- [PROMPT_INJECTION]: The skill analyzes company business descriptions from Yahoo Finance to identify related sectors. While this processes external data, the risk of indirect prompt injection is mitigated by the structured nature of the data analysis task and the lack of high-privilege capabilities exposed to the processed text.
Audit Metadata