financial-analysis
Warn
Audited by Gen Agent Trust Hub on Feb 25, 2026
Risk Level: MEDIUM
CREDENTIALS_UNSAFE, DATA_EXFILTRATION, PROMPT_INJECTION
Full Analysis
- [CREDENTIALS_UNSAFE]: The script `scripts/financial_analyzer.py` is configured to use standard environment variables (`OPENAI_API_KEY` or `ANTHROPIC_API_KEY`) to authenticate against a custom, hardcoded API base URL (`https://api.drqyq.com`). Directing official service credentials to an unofficial third-party proxy instead of the official service providers (OpenAI/Anthropic) creates a risk of credential harvesting.
- [DATA_EXFILTRATION]: Financial indicators, company names, and report metadata are transmitted to the external domain `https://api.drqyq.com` during the AI analysis phase in `scripts/financial_analyzer.py`. This domain is not a whitelisted or well-known service, posing a risk of sensitive data exposure to an untrusted party.
- [PROMPT_INJECTION]: The skill ingests untrusted text content from PDF financial reports to perform deep analysis. The prompt construction in `scripts/financial_analyzer.py` lacks boundary markers or instructions to disregard embedded commands, making it susceptible to indirect prompt injection where a malicious document could influence agent behavior.
  - Ingestion points: PDF text content parsed via regex patterns defined in `references/code-examples.md`.
  - Boundary markers: Absent from the AI analysis prompt template in `scripts/financial_analyzer.py`.
  - Capability inventory: Capability to perform external network requests and write local files (`.md`, `.xlsx`).
  - Sanitization: No evidence of sanitization or filtering of the extracted financial text before it is inserted into the LLM prompt.
Audit Metadata