technical-analysis
Warn
Audited by Gen Agent Trust Hub on Feb 16, 2026
Risk Level: MEDIUM (COMMAND_EXECUTION, PROMPT_INJECTION)
Full Analysis
- [COMMAND_EXECUTION] (MEDIUM): The skill executes a local script, `scripts/analyze.py`, using user-provided arguments. Evidence: `python scripts/analyze.py <股票代码> --date YYYY-MM-DD`. Risk: If the script does not properly sanitize the `<股票代码>` (stock code) input, an attacker could execute arbitrary commands via shell injection.
- [PROMPT_INJECTION] (MEDIUM): Indirect Prompt Injection vulnerability (Category 8). Evidence: Ingestion point is `output/<股票代码>/<日期>/data.json` (stock code, then date); Boundary markers are absent; Capability inventory includes script execution and file system writing; Sanitization is not visible. Risk: If the data source for the stock information is compromised, malicious instructions could be embedded in the JSON data to manipulate the agent's analysis or subsequent actions.
- [NO_CODE] (INFO): The execution logic relies on an external script (`scripts/analyze.py`) which was not included in the provided files, preventing a full verification of its safety and sanitization practices.
Audit Metadata