trader-risk
Pass
Audited by Gen Agent Trust Hub on Jun 13, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill installs the 'neural-trader' package from the npm registry if it is not already present. This package is the primary component required for the skill's risk assessment functionality.
- [COMMAND_EXECUTION]: The skill uses 'npx' to execute various sub-commands of 'neural-trader' to calculate Value at Risk (VaR), correlation, and position sizing. It correctly includes the '--ignore-scripts' flag during the installation step to mitigate risks of arbitrary code execution from the package's lifecycle scripts.
Audit Metadata