finlab
Pass
Audited by Gen Agent Trust Hub on May 3, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill serves as a guide for quantitative trading using the FinLab package. All provided code examples and instructions are consistent with the primary purpose of financial strategy development and backtesting.
- [EXTERNAL_DOWNLOADS]: The skill references legitimate external dependencies including the
finlabpackage, broker SDKs (shioaji,esun-trade), and data science libraries (optuna,lightgbm,xgboost). These are installed using theuvpackage manager as part of the setup process. - [CREDENTIALS_SAFE]: The skill correctly advises the use of environment variables for managing broker API credentials, which is a standard security best practice. It also utilizes a secure OAuth flow (
finlab.login()) for API token management. - [COMMAND_EXECUTION]: Provides standard shell commands for environment setup and package installation (e.g.,
uv pip install). No arbitrary or dangerous command execution was detected. - [DATA_EXPOSURE]: No evidence of sensitive data exfiltration or unauthorized file access. The skill operates on publicly available financial market data retrieved through the FinLab API.
Audit Metadata