ib-trades-history
Pass
Audited by Gen Agent Trust Hub on Jun 28, 2026
Risk Level: SAFECOMMAND_EXECUTION
Full Analysis
- [COMMAND_EXECUTION]: The skill defines instructions for the agent to execute a local Python wrapper script (
scripts/trades.py) usinguv run. These commands are used to query the Interactive Brokers API or parse local report files. - [DATA_EXFILTRATION]: The skill is designed to process sensitive financial information, including trade history and account details. It correctly manages sensitive credentials by requiring the user to provide FlexReport tokens as arguments (
--flex-token) and performs network communication primarily with a local IBKR TWS/Gateway instance. - [PROMPT_INJECTION]: The skill reads data from external sources (Interactive Brokers API and local XML files), which constitutes an ingestion surface for indirect prompt injection.
- Ingestion points: Financial data enters the agent context through the JSON output generated by
scripts/trades.py. - Boundary markers: No specific delimiters or instructions to ignore instructions embedded within the trade data are included in the script's output.
- Capability inventory: The skill requires the ability to execute shell commands and read local files specified by the user via the
--fileargument. - Sanitization: The skill does not perform explicit sanitization of the trade data content (such as symbols or execution memos) before presenting it to the agent.
Audit Metadata