fund-deep-research
Pass
Audited by Gen Agent Trust Hub on Jun 20, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill utilizes official Alibaba Cloud (DashScope) MCP endpoints (dashscope.aliyuncs.com) to fetch financial and fund manager data, which aligns with the skill's stated purpose and vendor attribution.
- [SAFE]: External data ingestion occurs through financial information tools such as BatchGetFundsDetail and FundManagerInfoReport. (1) Ingestion points: MCP tool outputs from qieman and gildata-aidata. (2) Boundary markers: Absent. (3) Capability inventory: Text analysis and data visualization via RenderEchart. (4) Sanitization: Not explicitly defined. While boundary markers are absent, the data source is a managed enterprise API service, limiting the risk of indirect prompt injection.
- [SAFE]: Visualizations are generated using a dedicated rendering tool with structured JSON inputs, preventing arbitrary code execution and maintaining clear separation between data and presentation logic.
Audit Metadata