weekly-market-brief-generator
Warn
Audited by Gen Agent Trust Hub on Mar 10, 2026
Risk Level: MEDIUM
COMMAND_EXECUTION, REMOTE_CODE_EXECUTION, EXTERNAL_DOWNLOADS, PROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill requires the execution of shell commands to manage its environment and run analytical tools, specifically for activating virtual environments and running Python scripts as defined in references/data-queries.md.
- [REMOTE_CODE_EXECUTION]: The skill executes Python scripts from a sibling directory (../findata-toolkit-cn/scripts/views_runner.py). Because this code is located outside the audited skill package, it constitutes the execution of unverified external code that can be modified independently of the skill.
- [EXTERNAL_DOWNLOADS]: The environment preparation process involves running pip install -r ../findata-toolkit-cn/requirements.txt, which downloads and installs third-party packages from external registries like PyPI.
- [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection as it ingests and summarizes untrusted financial market data from external providers.
  - Ingestion points: Real-time market data (indices, industry boards, and fund flows) fetched via the views_runner.py tool as specified in references/data-queries.md.
  - Boundary markers: Absent. The skill does not implement delimiters or system instructions to ignore potentially malicious content embedded in the fetched financial data.
  - Capability inventory: The skill has permissions to execute shell commands and run Python scripts (documented in references/data-queries.md).
  - Sanitization: There is no evidence of data validation or sanitization logic to inspect external content before it is processed by the model.
Audit Metadata