ib-pmcc-advisor
Pass
Audited by Gen Agent Trust Hub on May 5, 2026
Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill executes a local Python script
scripts/pmcc_advisor.pyviauv runto perform portfolio analysis. This is the primary intended behavior of the skill and uses local resources. - [PROMPT_INJECTION]: The skill has an indirect prompt injection surface (Category 8) because it processes data from external sources (Interactive Brokers portfolio and Yahoo Finance earnings information) and uses that data to generate natural language reports and recommendations.
- Ingestion points: External data is ingested through the
get_pmcc_datafunction inscripts/pmcc_advisor.py, which pulls from Interactive Brokers and Yahoo Finance. - Boundary markers: The instructions do not specify the use of delimiters or 'ignore embedded instructions' blocks when the agent processes the resulting JSON.
- Capability inventory: The skill has the ability to write files to the
sandbox/directory and execute its own scripts via the shell. - Sanitization: There is no evidence of sanitization or validation of the external data before it is interpolated into the agent's context.
Audit Metadata