stock-analysis

The skill presents a CRITICAL security risk primarily due to its reliance on an unverified external dependency (@steipete/bird CLI) for social media integration, combined with the handling of sensitive user credentials. The scripts/hot_scanner.py and scripts/rumor_scanner.py explicitly load AUTH_TOKEN and CT0 from a .env file and pass them to the bird CLI via environment variables for execution. The steipete GitHub organization is not on the list of trusted sources. If the bird CLI were compromised or malicious, it could exfiltrate these sensitive Twitter/X authentication tokens, leading to unauthorized access to the user's social media accounts.

Furthermore, the README.md and docs/HOT_SCANNER.md files instruct the user to set up a cron job for hot_scanner.py. This constitutes a persistence mechanism. If the hot_scanner.py script itself (or its bird dependency) were malicious, this cron job would ensure its continued execution, exacerbating the risk of data exfiltration or other malicious activities.

While the skill's core Python scripts (analyze_stock.py, dividends.py, portfolio.py, watchlist.py) use well-known libraries (yfinance, pandas, fear-and-greed, edgartools, feedparser) and access legitimate data sources (Yahoo Finance, CoinGecko, Google News, SEC EDGAR), the critical vulnerability stems from the interaction with the untrusted bird CLI.

Finally, the skill processes external news and social media content, making it inherently susceptible to indirect prompt injection if malicious instructions are embedded in these external data sources. This is an informational risk inherent to such data-processing skills.