portfolio-monitoring
Pass
Audited by Gen Agent Trust Hub on May 25, 2026
Risk Level: SAFE
Full Analysis
- [Data Handling & Processing]: The skill is designed to ingest and analyze sensitive financial documents such as Excel workbooks and PDFs. This is consistent with its stated purpose of portfolio monitoring and KPI extraction.
- [Input Analysis Surface]: Because the skill processes external documents, it has a surface for indirect prompt injection, where data within a file could attempt to influence the agent's behavior. This is a common characteristic of data-processing skills and is considered a minimal risk here as the skill lacks access to sensitive tools or network capabilities.
- [Network and Command Execution]: No network requests, external downloads, or shell command executions were identified within the skill's instructions.
- [Credential Security]: The analysis confirmed that no hardcoded credentials, API keys, or sensitive file paths (e.g., .env or SSH keys) are present or accessed.
Audit Metadata