market-top-detector

Pass

Audited by Gen Agent Trust Hub on Feb 21, 2026

Risk Level: SAFE
Full Analysis
  • External Downloads (SAFE): The skill fetches market data from the Financial Modeling Prep API and a CSV file hosted on GitHub Pages. These operations are essential to the skill's primary function and the data is strictly parsed as numeric or boolean values, effectively preventing any risk of remote code execution through data injection.
  • Indirect Prompt Injection (SAFE): While the skill ingests data from web search results (such as the Put/Call ratio), the risk of indirect prompt injection is mitigated by robust input validation. All ingested data points are cast to specific numeric types (float or integer) within the Python calculators before being processed.
  • Credential Handling (SAFE): The skill correctly manages sensitive credentials by using environment variables (e.g., $FMP_API_KEY) rather than hardcoding them, adhering to security best practices.
  • Command Execution (SAFE): No dangerous command execution, shell spawning, or unsanitized subprocess calls were found. The tool's operations are limited to mathematical calculations, API requests, and generating reports within a designated output directory.
Audit Metadata
Risk Level: SAFE
Analyzed: Feb 21, 2026, 03:08 PM