market-breadth-monitor
Pass
Audited by Gen Agent Trust Hub on Mar 10, 2026
Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill directs the agent to execute shell commands to activate a virtual environment and run data processing scripts located in the sibling directory
../findata-toolkit-cn/scripts/. These operations are required for the skill's primary analytical functions. - [EXTERNAL_DOWNLOADS]: The skill instructions involve installing Python dependencies via pip and fetching financial data from established services such as AKShare and Eastern Wealth. These resources are from well-known and trusted technology/financial providers.
- [PROMPT_INJECTION]: The skill handles untrusted external financial data, which presents an indirect prompt injection surface. This is mitigated by defined analysis workflows and structured response constraints.
- Ingestion points: Financial data is ingested from AKShare and Eastern Wealth APIs as detailed in
references/methodology.md. - Boundary markers: The agent is instructed to follow a specific structure defined in
references/output-template.mdto limit response variability. - Capability inventory: The skill utilizes local Python script execution for data retrieval and processing as outlined in
references/data-queries.md. - Sanitization: The methodology includes specific protocols in
references/methodology.mdfor detecting and handling missing or abnormal data values.
Audit Metadata