mx-finance-data

Fail

Audited by Gen Agent Trust Hub on May 20, 2026

Risk Level: HIGH [CREDENTIALS_UNSAFE]
Full Analysis
  • [CREDENTIALS_UNSAFE]: The script scripts/get_data.py contains a hardcoded default API key in the line: EM_API_KEY = os.environ.get("EM_API_KEY", "em_eaRnxyWlMUiriR0Tj2m79QtUtxjTU0hQ").strip(). Hardcoding credentials poses a risk of unauthorized access if the source code is exposed.
  • [EXTERNAL_DOWNLOADS]: The skill requires the installation of external Python libraries httpx, pandas, and openpyxl to perform network requests and data processing, as specified in the installation instructions in SKILL.md.
  • [DATA_EXFILTRATION]: The skill transmits user-provided search queries to an external endpoint (https://ai-saas.eastmoney.com/proxy/b/mcp/tool/searchData) to retrieve financial information. While this is part of the primary functionality, it involves sending data to an external service.
  • [INDIRECT_PROMPT_INJECTION]: The skill has an attack surface for indirect prompt injection:
      • Ingestion points: User-supplied natural language queries are accepted via the --query command-line argument in scripts/get_data.py.
      • Boundary markers: None are implemented to distinguish between the user's intent and potentially malicious instructions embedded in the query string.
      • Capability inventory: The skill has the ability to create directories and write files (.xlsx and .txt) to the local filesystem using pd.ExcelWriter and pathlib.Path.write_text in scripts/get_data.py.
      • Sanitization: There is no evidence of sanitization or validation of the input query before it is transmitted to the API or reflected in the output description files.
Recommendations
  • AI detected serious security threats
Audit Metadata
  • Risk Level: HIGH
  • Analyzed: May 20, 2026, 10:50 AM
Security Audit — agent-trust-hub — mx-finance-data