ibkr-api-skill
Pass
Audited by Gen Agent Trust Hub on Mar 15, 2026
Risk Level: SAFE
EXTERNAL_DOWNLOADS, COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill recommends installing the ib_async Python library and references multiple community-developed GitHub repositories for MCP servers (e.g., ArjunDivecha/ibkr-mcp-server, code-rabi/interactive-brokers-mcp). These are external dependencies hosted on individual developer accounts.
- [COMMAND_EXECUTION]: Provides detailed Python implementations and MCP tools for executing sensitive financial operations, including order placement, cancellation, and multi-account portfolio management through the IBKR TWS and Client Portal APIs.
- [PROMPT_INJECTION]: The skill possesses a surface for indirect prompt injection through its integration with external financial data.
  - Ingestion points: Retrieves market data, account summaries, and positions from the IBKR API as described in SKILL.md and connection-patterns.md.
  - Boundary markers: There are no defined delimiters or specific instructions provided to ignore or sanitize embedded commands within the data returned by the brokerage service.
  - Capability inventory: The skill includes powerful execution tools such as place_order and reqGlobalCancel across various account types.
  - Sanitization: No logic is present to sanitize or validate strings returned from the API before they are used to inform the agent's actions or reasoning.
Audit Metadata