investor-relations
Pass
Audited by Gen Agent Trust Hub on May 17, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill's primary purpose is document generation and financial analysis based on user-provided data. No high-risk behaviors or security violations were identified during the analysis.\n- [COMMAND_EXECUTION]: The skill integrates with the
mcp__sequential-thinking__sequentialthinkingtool. This is a legitimate use of the Model Context Protocol to handle complex, multi-step financial reasoning and does not pose a security risk in this context.\n- [INDIRECT_PROMPT_INJECTION]: The skill processes untrusted business data provided by the user, which presents a theoretical injection surface.\n - Ingestion points: Untrusted data enters via user prompts describing business metrics (e.g., ARR, MAU) and through existing documents copied into the
_workspace/directory as described in references/financial-modeler.md.\n - Boundary markers: Absent. The instructions do not define specific delimiters or instructions to ignore embedded commands within the user data.\n
- Capability inventory: The skill utilizes sequential thinking tools and performs file-write operations within its designated
_workspace/to store intermediate and final reports as mentioned in SKILL.md and its references.\n - Sanitization: Absent. There is no mention of input validation or escaping for the ingested financial data; the skill is instructed to accept provided formats as-is.
Audit Metadata