fsi-spg-tear-sheet
Pass
Audited by Gen Agent Trust Hub on Jun 21, 2026
Risk Level: SAFE
Full Analysis
- [COMMAND_EXECUTION]: The skill generates and executes a Node.js script to build Word documents. This is the primary intended function of the skill and is implemented using standard practices. It provides a set of pre-defined, safe JavaScript helper functions and restricts file operations to the appropriate directories (
/tmp/for processing and/mnt/user-data/outputs/for results). - [PROMPT_INJECTION]: The skill exhibits an indirect prompt injection surface as it ingests data from external S&P Global tools.
- Ingestion points: Financial data retrieved from S&P Global MCP tools (SKILL.md, Step 3).
- Boundary markers: The data is stored in intermediate CSV and TXT files in
/tmp/without specific delimiters to distinguish data from instructions. - Capability inventory: The skill utilizes file-writing capabilities and Node.js execution to generate documents.
- Sanitization: No explicit sanitization of retrieved data is performed. However, because the data source is a structured financial information provider rather than untrusted user content, the risk of malicious instructions being present in the source is negligible.
- [EXTERNAL_DOWNLOADS]: The skill uses the 'docx' Node.js package. This is a legitimate, well-known library for document generation and is used here in a standard manner.
Audit Metadata