emerging-movers
Pass
Audited by Gen Agent Trust Hub on Apr 1, 2026
Risk Level: SAFE
Full Analysis
- [COMMAND_EXECUTION]: The main script utilizes the subprocess.run method to invoke the platform's mcporter utility for fetching market data. The command uses static arguments and does not incorporate unsanitized user input or shell evaluation.
- [DATA_EXFILTRATION]: The skill maintains a history of scans in a local JSON file within the designated workspace directory. There are no network operations, such as curl or requests, that indicate data being sent to external or unauthorized domains.
- [SAFE]: Comprehensive analysis of the Python logic and documentation shows the skill is dedicated to legitimate market analysis. No patterns of prompt injection, code obfuscation, persistence mechanisms, or privilege escalation were identified.
Audit Metadata