alpha101
Warn
Audited by Gen Agent Trust Hub on May 17, 2026
Risk Level: MEDIUM
REMOTE_CODE_EXECUTION
Full Analysis
- [DYNAMIC_EXECUTION]: The scripts `scripts/backtest_alpha.py` and `scripts/compute_ic.py` use `pd.read_pickle()` to load input data from files specified via command-line arguments. In Python, the `pickle` module is insecure and can execute arbitrary code during deserialization. This poses a risk if an attacker provides a maliciously crafted pickle file to be processed by the agent using this skill.
Audit Metadata