Skills
skills/altenli/stock-analyzer-skill/stock-analyzer/Gen Agent Trust Hub

stock-analyzer

Pass

Audited by Gen Agent Trust Hub on Mar 31, 2026

Risk Level: SAFE
Full Analysis
  • [INDIRECT_PROMPT_INJECTION]: The skill fetches and processes stock news and company announcements from external web sources, which serves as a potential surface for indirect prompt injection if the source content contains hidden instructions.
  • Ingestion points: Ingests external data from eastmoney.com search results, news pages, and company announcements as documented in SKILL.md (Step 4, 6.5) and implemented in scripts/fetch_stock.py.
  • Boundary markers: No specific boundary markers or instructions to ignore embedded commands are present in the skill when processing external financial data.
  • Capability inventory: The skill possesses the ability to execute a local Python script (scripts/fetch_stock.py), perform web searches via web_search, and save reports to the workspace using write_to_file.
  • Sanitization: No specific sanitization, filtering, or validation of the external web content is performed before the agent processes it.
Audit Metadata
Risk Level
SAFE
Analyzed
Mar 31, 2026, 03:17 AM