dcf-model
Pass
Audited by Gen Agent Trust Hub on May 16, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill instructions provide a comprehensive guide for building financial models following investment banking standards. All operations involve local Excel file manipulation using standard libraries.
- [COMMAND_EXECUTION]: The skill uses a validation script (scripts/validate_dcf.py) to check for formula errors and logical consistency in the generated models. This script performs routine cell-value checks and does not execute arbitrary commands. It also references a recalculation script from a related skill for quality assurance.
- [REMOTE_CODE_EXECUTION]: No remote code execution patterns or unsafe external script downloads were found. Dependencies listed in requirements.txt are standard, well-known libraries (openpyxl, requests).
- [DATA_EXFILTRATION]: The skill fetches financial data from configured MCP servers and reputable web sources like SEC EDGAR for modeling purposes. No sensitive local file access or unauthorized data transmission to unknown domains was detected.
- [PROMPT_INJECTION]: The instructions contain strict constraints and professional guidelines designed to ensure model accuracy and consistency, with no attempts to override system safety protocols or extract system prompts.
Audit Metadata