finance-expert
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFE
Full Analysis
- [CREDENTIALS_UNSAFE] (SAFE): The code snippets use clearly marked placeholders for API keys (e.g.,
sk_test_...and...). No hardcoded credentials or real secrets were identified. - [COMMAND_EXECUTION] (LOW): The skill metadata requests broad shell access via
Bash(*). While no malicious scripts are present in the documentation, this capability allows the agent to execute arbitrary local commands if prompted. - [DATA_EXFILTRATION] (SAFE): No unauthorized network operations or exfiltration patterns were detected. All network-related code (Stripe/Plaid) is part of standard educational integration examples.
- [SAFE] (SAFE): The content focuses on regulatory compliance (PCI-DSS) and secure financial engineering practices, such as using decimal types for currency and avoiding local storage of sensitive card data.
Audit Metadata