tushare
Pass
Audited by Gen Agent Trust Hub on May 31, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSNO_CODE
Full Analysis
- [SAFE]: The skill folder is comprised entirely of markdown documentation files and contains no executable scripts or binaries.
- [NO_CODE]: The skill ships with no internal code. It functions as a reference tool for the AI agent to understand how to interact with the Tushare Pro API.
- [EXTERNAL_DOWNLOADS]: The documentation guides users to install the official
tusharelibrary from the Python Package Index (PyPI) or the vendor's GitHub and Gitee repositories. These are trusted sources for the provided service. - [CREDENTIALS_UNSAFE]: Secret management practices are secure. The instructions correctly advise users to use environment variables (
TUSHARE_TOKEN) for API authentication rather than hardcoding credentials. - [DATA_EXFILTRATION]: Network operations described in the references are limited to fetching data from the official service endpoints (
tushare.pro,waditu.com,api.waditu.com). No unauthorized data transmission or sensitive file access patterns were detected. - [PROMPT_INJECTION]: No behavioral overrides, safety filter bypasses, or malicious instructions were identified in the metadata or instructional content.
Audit Metadata