rq-earnings-preview
Pass
Audited by Gen Agent Trust Hub on Apr 27, 2026
Risk Level: SAFE
Finding categories: COMMAND_EXECUTION, EXTERNAL_DOWNLOADS, PROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The script scripts/generate_report.py uses subprocess.run to invoke a local rendering tool (rq-report-renderer) to convert Markdown reports into HTML. The execution uses a fixed binary name and argument list without a shell environment, minimizing the risk of command injection.
- [EXTERNAL_DOWNLOADS]: In scripts/extract_announcements.py, the skill fetches official announcement PDF documents from well-known financial domains, including the Shanghai Stock Exchange (sse.com.cn), Shenzhen Stock Exchange (szse.cn), and CNINFO (cninfo.com.cn). These operations are consistent with the skill's intended purpose of financial analysis.
- [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection (Category 8) because it processes untrusted data from web search results and external research reports and interpolates it into the report context.
- Ingestion points: Untrusted data enters the context through web_search_findings.json and research_reports.json.
- Boundary markers: Absent. The data is directly interpolated into Markdown templates without specialized delimiters or instructions to ignore embedded commands.
- Capability inventory: The skill has the capacity to execute system commands via the report renderer and perform file system writes.
- Sanitization: The processing logic includes whitespace normalization and string truncation but does not escape Markdown control characters or instructions that might be embedded in the external content.
Audit Metadata