decision-dashboard
Pass
Audited by Gen Agent Trust Hub on Mar 20, 2026
Risk Level: SAFE
Full Analysis
- [COMMAND_EXECUTION]: The skill invokes a local Python script (
run.py) via the Bash tool to generate financial reports. This behavior is consistent with its implementation as a code-backed financial tool.\n- [EXTERNAL_DOWNLOADS]: The skill references 'akshare' as a source for financial data, which involves fetching market information from external servers. This is a standard and expected requirement for market monitoring functionality.\n- [PROMPT_INJECTION]: The skill ingests data from local files and directories to build its dashboard, creating an indirect prompt injection surface.\n - Ingestion points: Data is read from files and directories provided via the
--fileand--dirCLI arguments as described in SKILL.md and run.py.\n - Boundary markers: No specific delimiters or boundary instructions are present in the skill's templates to isolate ingested symbol data.\n
- Capability inventory: The skill leverages
Bash,Read, andGlobcapabilities to access and process system files.\n - Sanitization: The instruction files do not specify explicit data sanitization or filtering logic for the content of processed data files.
Audit Metadata