quant-factor-screener

Pass

Audited by Gen Agent Trust Hub on Mar 10, 2026

Risk Level: SAFE
COMMAND_EXECUTION, CREDENTIALS_UNSAFE, PROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill workflow involves executing Python scripts and installing requirements from a sibling directory ('../findata-toolkit-cn/'). These resources belong to the same author and are used for data fetching.
  • [CREDENTIALS_UNSAFE]: The documentation references an environment variable 'XUEQIU_TOKEN' for API access. No credentials or secrets are hardcoded in the skill files.
  • [PROMPT_INJECTION]: The skill ingests financial data from external APIs, creating a surface for indirect prompt injection. However, the data is strictly used for quantitative calculations and structured reporting, which minimizes the risk. Ingestion points: 'references/data-queries.md' (via views_runner.py). Boundary markers: Absent. Capability inventory: Restricted to data retrieval. Sanitization: Not specified.
Audit Metadata
Risk Level: SAFE
Analyzed: Mar 10, 2026, 03:23 AM