intraday-microstructure-analyzer
Pass
Audited by Gen Agent Trust Hub on Mar 10, 2026
Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill requires the agent to execute shell commands to manage its environment and run data extraction tools.
- Evidence: 'references/data-queries.md' instructs to run 'source ../../.venv/bin/activate' and 'python ../findata-toolkit-cn/scripts/views_runner.py'.
- [EXTERNAL_DOWNLOADS]: The skill instructs the agent to download and install Python dependencies.
- Evidence: 'references/data-queries.md' contains 'python -m pip install -r ../findata-toolkit-cn/requirements.txt'.
- [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection as it processes financial market data that could contain malicious instructions.
- Ingestion points: Market data fetched by 'views_runner.py' as described in 'references/data-queries.md'.
- Boundary markers: No explicit delimiters or instructions to ignore embedded commands are present in the processing logic.
- Capability inventory: The agent performs complex analysis and explanation ('SKILL.md') and has the ability to execute subprocesses ('references/data-queries.md').
- Sanitization: No evidence of data validation or sanitization before processing market data output.
Audit Metadata