tencent-finance
Fail
Audited by Gen Agent Trust Hub on Feb 13, 2026
Risk Level: HIGHCOMMAND_EXECUTIONPROMPT_INJECTIONNO_CODE
Full Analysis
- [COMMAND_EXECUTION] (HIGH): The installation instructions recommend symlinking the script to
/usr/local/bin/. This establishes system-wide persistence and typically requires elevated privileges, which is unnecessary for a stock quote tool and increases the potential impact of malicious code. - [COMMAND_EXECUTION] (MEDIUM): The skill requires the user to grant execution permissions (
chmod +x) to a local script namedtfin. Because the source code fortfinis not included in the provided files, its behavior is unverifiable and could involve arbitrary malicious command execution. - [PROMPT_INJECTION] (LOW): The skill fetches data from the Tencent Finance API, creating an indirect prompt injection surface. Malicious content within the external API responses could attempt to manipulate the agent's reasoning or behavior.
- Ingestion points: Stock quotes and search results from the Tencent Finance API.
- Boundary markers: None present in the documentation.
- Capability inventory: Command execution (
tfin) and data display. - Sanitization: None verifiable due to missing source code.
- [NO_CODE] (INFO): The primary logic script (
tfin) is missing from the provided package, preventing a complete security audit of the skill's actual code.
Recommendations
- AI detected serious security threats
Audit Metadata