fsi-pe-portfolio-monitoring
Pass
Audited by Gen Agent Trust Hub on Jun 21, 2026
Risk Level: SAFE
Full Analysis
- [INDIRECT_PROMPT_INJECTION]: The skill ingests data from external financial packages (Excel, PDF, CSV), creating an attack surface for indirect prompt injection. However, the risk is negligible as the skill lacks dangerous capabilities such as network access, file system modification, or command execution.
- Ingestion points: Financial packages described in Step 1 of SKILL.md.
- Boundary markers: No delimiters or instructions to ignore embedded content are specified.
- Capability inventory: Limited to data extraction, KPI calculation, table generation, and charting; no subprocesses or network tools are utilized.
- Sanitization: No explicit content validation or sanitization is described.
Audit Metadata