ib-pmcc-advisor

Pass

Audited by Gen Agent Trust Hub on May 5, 2026

Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill executes a local Python script scripts/pmcc_advisor.py via uv run to perform portfolio analysis. This is the primary intended behavior of the skill and uses local resources.
  • [PROMPT_INJECTION]: The skill has an indirect prompt injection surface (Category 8) because it processes data from external sources (Interactive Brokers portfolio and Yahoo Finance earnings information) and uses that data to generate natural language reports and recommendations.
  • Ingestion points: External data is ingested through the get_pmcc_data function in scripts/pmcc_advisor.py, which pulls from Interactive Brokers and Yahoo Finance.
  • Boundary markers: The instructions do not specify the use of delimiters or 'ignore embedded instructions' blocks when the agent processes the resulting JSON.
  • Capability inventory: The skill has the ability to write files to the sandbox/ directory and execute its own scripts via the shell.
  • Sanitization: There is no evidence of sanitization or validation of the external data before it is interpolated into the agent's context.
Audit Metadata
Risk Level
SAFE
Analyzed
May 5, 2026, 06:59 PM
Security Audit — agent-trust-hub — ib-pmcc-advisor