backtest
Pass
Audited by Gen Agent Trust Hub on Mar 6, 2026
Risk Level: SAFE
COMMAND_EXECUTION, PROMPT_INJECTION, CREDENTIALS_UNSAFE
Full Analysis
- [COMMAND_EXECUTION]: The skill utilizes the Bash tool to perform file system operations and likely to execute the generated Python backtesting scripts.
  - The skill is authorized to use Bash, Write, and Edit tools to create directories and files.
  - It generates and saves .py scripts locally, which are intended to be executed to produce trading reports and plots.
- [PROMPT_INJECTION]: User-supplied arguments are used for directory and file naming, which creates a surface for potential path traversal or indirect prompt injection.
  - Ingestion points: The strategy name ($0) and symbol ($1) are taken directly from user input.
  - Boundary markers: There are no explicit delimiters or instructions to prevent the agent from interpreting instructions potentially embedded in user-provided arguments.
  - Capability inventory: The agent has significant file-writing and shell execution capabilities through the Bash and Write tools.
  - Sanitization: The skill lacks explicit sanitization logic to validate that arguments like the strategy name do not contain directory traversal characters (e.g., ../).
- [CREDENTIALS_UNSAFE]: The skill is designed to generate code that accesses local environment variables containing sensitive information.
  - The instructions mandate the use of find_dotenv() to locate and load .env files from the project root.
  - This mechanism is used to provide credentials for the OpenAlgo API client, exposing the skill and generated scripts to sensitive local data.
Audit Metadata