trader-portfolio-cg
Pass
Audited by Gen Agent Trust Hub on May 20, 2026
Risk Level: SAFE
Findings: EXTERNAL_DOWNLOADS, COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill installs the neural-trader package via npm. It explicitly uses the --ignore-scripts flag, which is a critical security measure to prevent the execution of arbitrary or malicious lifecycle scripts during the installation process.
- [COMMAND_EXECUTION]: Executes npx neural-trader to retrieve current portfolio metrics and as a fallback for optimization. These operations are limited to the specific utility required for the skill's financial calculations and no unauthorized commands were found.
- [DATA_EXFILTRATION]: No external data exfiltration was detected. Data transmission is limited to local command outputs and designated MCP memory namespaces for storage and cross-checking as defined in the trading-risk namespace.
- [PROMPT_INJECTION]: The skill identifies an indirect prompt injection surface because it processes data retrieved from external tools.
  - Ingestion points: Data is read from the neural-trader CLI JSON output and via the mcp__claude-flow__memory_search tool (SKILL.md).
  - Boundary markers: The instructions do not define specific delimiters or instructions to the agent to disregard potential instructions embedded within the ingested data.
  - Capability inventory: The skill possesses shell execution capabilities (Bash) and access to persistent memory storage tools (mcp__claude-flow__memory_store) as seen in SKILL.md.
  - Sanitization: The instructions do not specify any validation or sanitization of the input data before it is utilized in the optimization workflow.
Audit Metadata