trading-operations
Pass
Audited by Gen Agent Trust Hub on Feb 23, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill's functionality is strictly operational, focusing on the management of a local trading server (OpenAlgo) running on localhost ports 5001 and 5002. All network requests and file operations are directed at local resources.
- [INDIRECT_PROMPT_INJECTION]: The skill defines monitoring tasks that involve reading log files, which is an ingestion surface for potentially untrusted data from external broker APIs.
- Ingestion points: Strategy and server logs located in
logs/strategy_*.log. - Boundary markers: No delimiters or protective instructions are used when interpreting log output.
- Capability inventory: Includes the execution of local shell scripts, Python scripts, and local API calls via
curl. - Sanitization: No sanitization is performed on log data before it is presented to the agent context.
Audit Metadata