buyback-monitor
Pass
Audited by Gen Agent Trust Hub on Mar 10, 2026
Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill is designed to execute multiple Python scripts from a sibling directory (
../findata-toolkit/scripts/). These scripts handle data fetching and financial calculations, which is a standard pattern for modular agent tools. - [EXTERNAL_DOWNLOADS]: The setup instructions in
references/data-queries.mdinvolve installing Python dependencies from an external file (../findata-toolkit/requirements.txt) using pip. - [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection (Category 8) because it processes untrusted data from external sources such as SEC EDGAR filings.
- Ingestion points: External data is ingested through scripts like
sec_edgar.pyas described inreferences/data-queries.md. - Boundary markers: Absent. The skill does not use specific delimiters or instructions to ignore embedded commands within the processed filing data.
- Capability inventory: The skill has the capability to execute subprocesses (Python scripts) and access the network to retrieve financial data.
- Sanitization: Absent. There is no evidence of content sanitization or filtering of the text retrieved from external financial reports.
Audit Metadata