ib-trades-history

Pass

Audited by Gen Agent Trust Hub on Jun 28, 2026

Risk Level: SAFECOMMAND_EXECUTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill defines instructions for the agent to execute a local Python wrapper script (scripts/trades.py) using uv run. These commands are used to query the Interactive Brokers API or parse local report files.
  • [DATA_EXFILTRATION]: The skill is designed to process sensitive financial information, including trade history and account details. It correctly manages sensitive credentials by requiring the user to provide FlexReport tokens as arguments (--flex-token) and performs network communication primarily with a local IBKR TWS/Gateway instance.
  • [PROMPT_INJECTION]: The skill reads data from external sources (Interactive Brokers API and local XML files), which constitutes an ingestion surface for indirect prompt injection.
  • Ingestion points: Financial data enters the agent context through the JSON output generated by scripts/trades.py.
  • Boundary markers: No specific delimiters or instructions to ignore instructions embedded within the trade data are included in the script's output.
  • Capability inventory: The skill requires the ability to execute shell commands and read local files specified by the user via the --file argument.
  • Sanitization: The skill does not perform explicit sanitization of the trade data content (such as symbols or execution memos) before presenting it to the agent.
Audit Metadata
Risk Level
SAFE
Analyzed
Jun 28, 2026, 09:22 PM
Security Audit — agent-trust-hub — ib-trades-history