finhay-portfolio

Pass

Audited by Gen Agent Trust Hub on May 7, 2026

Risk Level: SAFE
Flagged categories: COMMAND_EXECUTION, EXTERNAL_DOWNLOADS, PROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill operates by executing a local shell script (finhay.sh) or PowerShell script (finhay.ps1) for core functions including authentication, environment verification, ID inference, and executing signed API requests.
  • [EXTERNAL_DOWNLOADS]: The sync command documented in SKILL.md is intended to "Update local skill definitions from source," which involves fetching data or code from a remote location at runtime.
  • [PROMPT_INJECTION]: The skill retrieves and processes user-specific financial data from external API endpoints (e.g., account summaries and order history from finhay.com). This creates a surface for indirect prompt injection where malicious instructions embedded in the API response could attempt to manipulate the agent's behavior.
      • Ingestion points: Data retrieved from multiple endpoints such as /users/v3/users/{userId}/assets/summary and /trading/sub-accounts/{subAccountId}/orders as documented in the endpoint references.
      • Boundary markers: No explicit instructions or delimiters are provided to ensure the agent ignores or sanitizes potential instructions within the API data.
      • Capability inventory: The agent can execute local shell scripts (finhay.sh) and has access to environment variables including FINHAY_API_KEY and FINHAY_API_SECRET.
      • Sanitization: The skill instructions do not specify any validation, escaping, or sanitization protocols for the content returned from external API calls.
Audit Metadata
Risk Level: SAFE
Analyzed: May 7, 2026, 02:58 AM