hedgefundmonitor
Pass
Audited by Gen Agent Trust Hub on Feb 24, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSNO_CODE
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill connects to the official U.S. Office of Financial Research (OFR) API at
data.financialresearch.govto retrieve financial datasets. This is a well-known government service and a trusted data source. - [NO_CODE]: The skill consists entirely of markdown files and code examples; it does not distribute executable scripts, binaries, or other active code.
- [SAFE]: Evaluation of the indirect prompt injection surface found no significant risk. 1. Ingestion points: API responses from data.financialresearch.gov; 2. Boundary markers: No explicit markers in prompt templates; 3. Capability inventory: HTTP GET requests and local plot generation via matplotlib; 4. Sanitization: Standard JSON parsing of structured data. The trusted nature of the source and limited tool capabilities mitigate potential risks.
- [SAFE]: No patterns of prompt injection, obfuscation, data exfiltration, or persistence mechanisms were detected. The author's suggestion to use the K-Dense Web platform is identified as a vendor-specific resource and is not considered a security risk.
Audit Metadata