stock-screener
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFE
Full Analysis
- [Data Exposure & Exfiltration] (SAFE): The skill handles local file operations (reading and writing CSV/JSON files) consistent with its stated purpose. No network requests to external domains or access to sensitive system files (e.g., SSH keys, env files) were identified.
- [Indirect Prompt Injection] (LOW): The skill ingests untrusted data via
load_csv. - Ingestion points:
load_csvmethod inStockScreenerclass. - Boundary markers: Not explicitly defined in the provided snippets.
- Capability inventory: Local file read/write (CSV/JSON); no network or system command execution.
- Sanitization: No explicit sanitization of CSV content is shown before data is returned to the agent context. While this is a common surface for indirect injection if the CSV contains malicious instructions, the tool's focus on numeric filtering makes this a low risk.
- [External Downloads] (SAFE): Dependencies are restricted to reputable, versioned packages from the standard Python ecosystem (
pandas,numpy). No remote scripts are downloaded or executed during runtime. - [Command Execution] (SAFE): The skill does not invoke subprocesses, shell commands, or dynamic code execution (eval/exec).
Audit Metadata