report-download

Pass

Audited by Gen Agent Trust Hub on Mar 5, 2026

Risk Level: SAFE (EXTERNAL_DOWNLOADS, COMMAND_EXECUTION, PROMPT_INJECTION)
Full Analysis
  • [EXTERNAL_DOWNLOADS]: The skill downloads financial report files from stockn.xueqiu.com and notice.10jqka.com.cn. These are established and well-known financial services in China. It also ensures the requests library is installed.
  • [COMMAND_EXECUTION]: The skill uses a local Python script (scripts/download_report.py) to execute the download task. The script is invoked with specific parameters including the report URL and stock metadata.
  • [PROMPT_INJECTION]: The skill possesses an attack surface for indirect prompt injection by processing external data from WebSearch results.
      • Ingestion points: In SKILL.md, the workflow ingests PDF URLs and titles directly from WebSearch results at Step 1 and Step 2.
      • Boundary markers: There are no explicit delimiters or instructions provided to the agent to disregard potential instructions embedded in the search results (e.g., in the document titles).
      • Capability inventory: The associated Python script has the capability to make network GET requests and write files to the local filesystem using open, os.makedirs, and os.rename.
      • Sanitization: The skill effectively mitigates risk by implementing strict URL regex validation (matching only specific subdomains of Xueqiu and Tonghuashun) and by verifying that the downloaded file contains the %PDF- magic bytes.
Audit Metadata
Risk Level: SAFE
Analyzed: Mar 5, 2026, 10:14 AM