Skills
AGENT LAB: SKILLS
skills/stanleychanh/tushare-finance-skill-for-claude-code/tushare-finance/Gen Agent Trust Hub

tushare-finance

Pass

Audited by Gen Agent Trust Hub on Feb 17, 2026

Risk Level: SAFE
Full Analysis
  • Data Exposure & Exfiltration (SAFE): The skill handles an API token via the TUSHARE_TOKEN environment variable. It does not hardcode secrets or access sensitive system files.
  • Unverifiable Dependencies (SAFE): The skill depends on tushare and pandas, which are reputable and widely used packages in the financial data community.
  • Persistence Mechanisms (SAFE): No automated persistence mechanisms were detected in the skill's scripts. Documentation suggestions for environment variables in shell profiles are standard for developer tools.
  • Indirect Prompt Injection (SAFE): The risk is minimal due to the structured nature of financial data. 1. Ingestion points: Data from Tushare API processed in scripts/api_client.py. 2. Boundary markers: Absent in wrapper code as it returns structured DataFrames. 3. Capability inventory: Uses standard Python execution for queries. 4. Sanitization: Handled by the underlying Pandas and Tushare library logic.
Audit Metadata
Risk Level
SAFE
Analyzed
Feb 17, 2026, 04:50 PM