alpha-vantage
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFENO_CODE
Full Analysis
- Indirect Prompt Injection (SAFE): The skill is designed to ingest and display financial data (stocks, forex, crypto) from the Alpha Vantage API via a Refly workflow. While this involves processing external data, the risk is negligible due to the structured nature of market data.
- Ingestion points: Financial data content extracted via the
refly workflow toolcallscommand in SKILL.md. - Boundary markers: None explicitly defined in the execution steps.
- Capability inventory: The skill utilizes the
reflyCLI tool for workflow management and data extraction; it does not contain any scripts for local file manipulation or arbitrary network operations. - Sanitization: Not explicitly documented in the provided files.
- Unverifiable Dependencies (SAFE): The skill refers to the
reflyCLI for execution, which is the expected interface for this platform. No external third-party libraries (Python/Node) are required by the skill files themselves.
Audit Metadata