futu
Pass
Audited by Gen Agent Trust Hub on Jun 18, 2026
Risk Level: SAFE
EXTERNAL_DOWNLOADS, COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill requires the official futu-api Python package, which is the legitimate SDK provided by Futu for interacting with their OpenAPI gateway.
- [COMMAND_EXECUTION]: The script executes stock trading commands (place and cancel orders) via the Futu API. These are intended behaviors for a trading skill and include a --confirm-live safety flag to prevent accidental execution on real accounts.
- [PROMPT_INJECTION]: The skill ingests market data and account information from the Futu broker, creating an indirect prompt injection surface where the agent processes external data before taking action.
  - Ingestion points: Account information, position lists, and market snapshots retrieved in scripts/futu_cli.py.
  - Boundary markers: Not present; the tool returns raw JSON data from the broker to the agent.
  - Capability inventory: The skill has the ability to place and cancel trades as defined in scripts/futu_cli.py.
  - Sanitization: Not present; the data is passed directly from the broker's API into the agent's context.
Audit Metadata