equity-pledge-risk-monitor

Warn

Audited by Gen Agent Trust Hub on Mar 10, 2026

Risk Level: MEDIUM
COMMAND_EXECUTION, EXTERNAL_DOWNLOADS, REMOTE_CODE_EXECUTION, PROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill instructs the execution of shell commands to activate virtual environments and run Python scripts as documented in references/data-queries.md.
  • [EXTERNAL_DOWNLOADS]: The skill attempts to install Python dependencies from a requirements file located outside the skill's own directory at ../findata-toolkit-cn/requirements.txt.
  • [REMOTE_CODE_EXECUTION]: The skill executes external logic by calling a Python script views_runner.py from a sibling directory ../findata-toolkit-cn/scripts/. This constitutes execution of code not distributed within the skill package.
  • [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection via the ingestion of untrusted financial data. Evidence chain:
      1. Ingestion points: Data is fetched from external providers like AKShare and Eastmoney as described in references/data-queries.md.
      2. Boundary markers: Absent; no delimiters or instructions to ignore embedded commands are specified for external data.
      3. Capability inventory: The skill can execute shell commands and run Python scripts (SKILL.md).
      4. Sanitization: No data sanitization or validation processes are documented for the external input.
Audit Metadata
  • Risk Level: MEDIUM
  • Analyzed: Mar 10, 2026, 03:23 AM