Skills
skills/wentorai/research-plugins/akshare-finance-data/Gen Agent Trust Hub

akshare-finance-data

Pass

Audited by Gen Agent Trust Hub on Mar 31, 2026

Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTION
Full Analysis
  • [EXTERNAL_DOWNLOADS]: The skill instructs the user to install the akshare library from the Python Package Index (PyPI) using pip install akshare --upgrade. This is the standard delivery method for this open-source financial library.
  • [COMMAND_EXECUTION]: The documentation includes shell commands for installation and a verification step (python -c "import akshare as ak; print(ak.__version__)") to ensure the library is correctly loaded.
  • [INDIRECT_PROMPT_INJECTION]: The skill establishes an attack surface by ingesting untrusted financial data from external sources (Sina Finance, East Money, etc.) into the agent's context.
  • Ingestion points: Data enters through various akshare functions such as ak.stock_zh_a_spot_em() and ak.macro_china_gdp() in SKILL.md.
  • Boundary markers: No specific boundary markers or instructions to ignore embedded content are provided in the code examples.
  • Capability inventory: The provided code samples use pandas for data manipulation. No high-risk capabilities like file-writing, network exfiltration of data, or subprocess execution on the fetched data are present.
  • Sanitization: No data sanitization or validation logic is included for the external data being processed.
Audit Metadata
Risk Level
SAFE
Analyzed
Mar 31, 2026, 10:16 PM