dcf-valuation
Pass
Audited by Gen Agent Trust Hub on Mar 10, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: No security threats were identified. The skill's functionality is limited to financial calculations and spreadsheet manipulation through provided MCP tools.
- [PROMPT_INJECTION]: The skill processes external data via the read_xlsx tool, which presents a surface for indirect prompt injection. An attacker could potentially embed instructions within a spreadsheet to influence the valuation report. However, this is an inherent risk of data-processing tools and no specific malicious triggers were found.
- Ingestion points: read_xlsx tool (SKILL.md).
- Boundary markers: Absent.
- Capability inventory: create_xlsx, apply_formula, create_chart (SKILL.md).
- Sanitization: None identified.
Audit Metadata