a-share-data

Pass

Audited by Gen Agent Trust Hub on Apr 15, 2026

Risk Level: SAFE
COMMAND_EXECUTION, EXTERNAL_DOWNLOADS, PROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill is designed to run local Python scripts (e.g., fetch_realtime.py, fetch_history.py) to perform data aggregation and processing. This is a standard architectural pattern for AI agent skills and does not pose an inherent risk.
  • [EXTERNAL_DOWNLOADS]: The skill performs network requests to various external financial APIs (Sina, Tencent, Eastmoney, Xueqiu, and DangInvest) to retrieve market data. These operations are essential to its primary function and are conducted via standard HTTP/HTTPS GET requests.
  • [PROMPT_INJECTION]: The skill is identified as having an indirect prompt injection surface because it ingests external financial news and event data.
      • Ingestion points: Stock news, corporate announcements, and market event descriptions retrieved from external financial APIs in fetch_realtime.py and fetch_stock_events.py.
      • Boundary markers: Absent. The skill outputs the retrieved data directly to the agent's context without specific delimiters or warnings to ignore embedded instructions.
      • Capability inventory: The execution environment allows for Python script execution and outbound network connections.
      • Sanitization: Absent. The external content is formatted for readability but is not validated or filtered for potential injection payloads.
Audit Metadata
Risk Level: SAFE
Analyzed: Apr 15, 2026, 03:17 PM
Security Audit — agent-trust-hub — a-share-data