finlab
Fail
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: CRITICALREMOTE_CODE_EXECUTIONCREDENTIALS_UNSAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTION
Full Analysis
- [REMOTE_CODE_EXECUTION] (CRITICAL): A confirmed detection of an untrusted remote code execution pattern was found. The skill executes a script from
https://astral.sh/uv/install.shby piping the output ofcurldirectly into the shell (| sh). This is a high-risk pattern that allows a remote server to execute arbitrary commands on the user's system. - [CREDENTIALS_UNSAFE] (HIGH): The documentation explicitly instructs users to set sensitive credentials—including
ESUN_ACCOUNT_PASSWORD,SHIOAJI_CERT_PASSWORD, andMASTERLINK_ACCOUNT_PASS—directly within Python code usingos.environ. This practice encourages users to store plain-text secrets in source files, which are often accidentally committed to version control or shared. - [EXTERNAL_DOWNLOADS] (MEDIUM): The skill depends on third-party libraries
esun-tradeandshioajiwhich are not from the pre-approved trusted organizations list. These packages are installed viapipand interact with financial accounts, posing a supply-chain risk. - [DATA_EXPOSURE] (MEDIUM): The skill handles sensitive file paths for trading certificates (e.g.,
ESUN_CONFIG_PATH,SHIOAJI_CERT_PATH,MASTERLINK_CERT_PATH). While no explicit exfiltration was detected in the reference file, the management of these paths in scripts increases the surface area for credential theft.
Recommendations
- HIGH: Downloads and executes remote code from: https://astral.sh/uv/install.sh - DO NOT USE without thorough review
- AI detected serious security threats
Audit Metadata