risk-assessment
Pass
Audited by Gen Agent Trust Hub on Mar 1, 2026
Risk Level: SAFE
PROMPT_INJECTION, COMMAND_EXECUTION, EXTERNAL_DOWNLOADS
Full Analysis
- [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection through untrusted user data being used as shell arguments.
  - Ingestion points: Ticker symbols (`SYMBOL`) and analysis periods (`PERIOD`) provided by the user are interpolated into shell commands in `SKILL.md`.
  - Boundary markers: Absent; the command template `uv run python scripts/risk.py SYMBOL` does not use delimiters or quoting to isolate user-supplied strings.
  - Capability inventory: The skill utilizes shell execution to run a Python script as detailed in the instructions.
  - Sanitization: No sanitization logic or validation instructions are provided to ensure ticker symbols or periods are restricted to safe alphanumeric characters before being passed to the shell.
- [COMMAND_EXECUTION]: The skill instructions direct the agent to execute a Python script via the command line, incorporating user-provided parameters directly into the execution string.
- [EXTERNAL_DOWNLOADS]: The skill references and downloads resources from external and vendor-owned sources.
  - Well-Known Services: Uses `yfinance` to fetch financial data from Yahoo Finance, a well-known service.
  - Vendor Resources: Depends on the `trading-skills` package, which is a dependency from the same author (staskh).
  - Standard Packages: Utilizes `numpy` for numerical calculations.