suitability-report-generator
Pass
Audited by Gen Agent Trust Hub on Mar 10, 2026
Risk Level: SAFE
PROMPT_INJECTION, COMMAND_EXECUTION, EXTERNAL_DOWNLOADS
Full Analysis
- [COMMAND_EXECUTION]: The skill provides explicit instructions in `references/data-queries.md` to execute shell commands for activating a Python virtual environment (`source ../../.venv/bin/activate`) and running a data runner script (`python ../findata-toolkit-cn/scripts/views_runner.py`). These actions are transparently documented as part of the data augmentation workflow.
- [EXTERNAL_DOWNLOADS]: The environment setup process includes an instruction to install Python dependencies from a local requirements file (`python -m pip install -r ../findata-toolkit-cn/requirements.txt`). While this initiates external downloads through the package manager, the behavior is expected for a data-intensive financial analysis skill.
- [PROMPT_INJECTION]: The skill possesses a vulnerability surface for indirect prompt injection due to its core function of ingesting and summarizing untrusted external data into a compliance report.
  - Ingestion points: `SKILL.md` (Investment recommendations and client profile data provided by users).
  - Boundary markers: The instructions lack explicit boundary markers or delimiters to isolate user-provided text from the agent's internal logic.
  - Capability inventory: The skill utilizes shell and Python script execution capabilities (`references/data-queries.md`) to fetch market data.
  - Sanitization: No evidence of input validation or sanitization is present for the user-provided data inputs.
Audit Metadata