stock-data-assistant

Fail

Audited by Gen Agent Trust Hub on Apr 11, 2026

Risk Level: HIGH (CREDENTIALS_UNSAFE, EXTERNAL_DOWNLOADS, COMMAND_EXECUTION)
Full Analysis
  • [CREDENTIALS_UNSAFE]: The file references/picoclaw_config_example.yaml contains a hardcoded API key (sk-d2d0dc36-f065-46ed-a897-0ddcbd0046eb) for the Haihub service.
  • [EXTERNAL_DOWNLOADS]: setup_picoclaw.sh fetches the picoclaw binary from Sipeed's official GitHub repository releases.
  • [COMMAND_EXECUTION]: start_wechat_bridge.sh and setup_picoclaw.sh execute shell commands to install and run the downloaded binary, manage system processes, and launch Python scripts.
  • [DATA_EXPOSURE]: generate_picoclaw_config.py reads sensitive environment variables (OPENAI_API_KEY) and stores them in a plain-text configuration file at .local/picoclaw.yaml.
  • [PROMPT_INJECTION]: The skill uses the WeChat channel to ingest untrusted user messages which are then processed by an LLM to invoke tool calls.
  • Ingestion points: WeChat message interface as described in SKILL.md.
  • Boundary markers: None present in the orchestration scripts.
  • Capability inventory: Access to 76+ stock data MCP tools and market data subscriptions via picoclaw and start_wechat_bridge.sh.
  • Sanitization: No sanitization or validation of the WeChat input is implemented in the provided shell or Python wrappers.
Recommendations
  • AI detected serious security threats
Audit Metadata
  • Risk Level: HIGH
  • Analyzed: Apr 11, 2026, 06:06 AM