data-algo-fin
Warn
Audited by Gen Agent Trust Hub on Jun 17, 2026
Risk Level: MEDIUMDATA_EXFILTRATIONCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [DATA_EXFILTRATION]: The skill references absolute local file paths (e.g.,
/Users/0xvox/.../tv_webhook.py) and project-specific memory paths. This exposes information about the host system's user directory structure. - [COMMAND_EXECUTION]: The skill is designed to modify the local environment by writing Python modules into the
propfirm_engine/directory and strategy profiles to the.strategy-profile/folder. It also involves running local backtest scripts (propfirm_engine/backtest.py), which executes the generated or modified code. - [PROMPT_INJECTION]: The skill has an indirect prompt injection surface:
- Ingestion points: The agent reads external "journal data" and "strategy code" provided by the operator to diagnose weaknesses.
- Boundary markers: Absent. There are no instructions to use delimiters or to ignore instructions embedded in the processed data.
- Capability inventory: The agent can write executable files to the local filesystem and trigger script execution for backtesting.
- Sanitization: Absent. The skill does not perform validation or sanitization of the input data before using it to generate implementation code.
Audit Metadata