liquidity-impact-estimator
Pass
Audited by Gen Agent Trust Hub on Mar 10, 2026
Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill instructs the agent to execute specific shell commands to manage its environment and run data retrieval scripts. Evidence: 'source ../../.venv/bin/activate' and 'python ../findata-toolkit-cn/scripts/views_runner.py' in 'references/data-queries.md'.
- [EXTERNAL_DOWNLOADS]: The skill performs package installation using pip from a local requirements file, which involves fetching code from external package registries. Evidence: 'python -m pip install -r ../findata-toolkit-cn/requirements.txt' in 'references/data-queries.md'.
- [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection because it ingests and processes financial market data retrieved via API calls through the vendor's toolkit.
- Ingestion points: Market data returned from tools like 'stock_zh_a_spot_em' and 'macro_china_dashboard' documented in 'references/data-queries.md'.
- Boundary markers: None identified in the instructions to separate external data from agent directives.
- Capability inventory: The skill has the capability to execute shell commands and Python scripts.
- Sanitization: No explicit validation or sanitization of the fetched market data is described in the workflow or methodology.
Audit Metadata