theme-detector
Pass
Audited by Gen Agent Trust Hub on Apr 29, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill retrieves financial market data from several external services to perform its analysis.
- Fetches industry and stock performance metrics from Finviz via both its public site and Elite API.
- Accesses valuation data and ETF holdings through the Financial Modeling Prep (FMP) API.
- Downloads historical market metrics using the yfinance library.
- Retrieves technical indicator datasets from a specific public repository on GitHub (tradermonty/uptrend-dashboard).
- [PROMPT_INJECTION]: The skill processes external market data that could potentially contain indirect prompt injection vectors.
- Ingestion points: External CSV data and API responses are processed in
scripts/uptrend_client.py,scripts/etf_scanner.py, andscripts/representative_stock_selector.py. - Boundary markers: The skill does not explicitly use delimiters or instructions to the model to ignore commands that might be embedded within descriptive data fields.
- Capability inventory: The skill executes Python logic to aggregate data and generates Markdown reports in
scripts/report_generator.pyfor the AI to interpret. - Sanitization: The skill employs robust numeric parsing for quantitative data (e.g., in
_safe_floatand_parse_market_cap), but descriptive string fields (like industry names) are passed directly into the final report without specific sanitization for instruction markers.
Audit Metadata