insider-sentiment-aggregator
Pass
Audited by Gen Agent Trust Hub on Mar 17, 2026
Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill invokes local Python scripts (e.g.,
sec_edgar.py,stock_data.py) located in a sibling directory (../findata-toolkit/scripts/) to retrieve and process financial information. This execution is part of the tool's core functionality. - [EXTERNAL_DOWNLOADS]: The skill installs required dependencies from a local requirements file (
../findata-toolkit/requirements.txt) to set up the execution environment. This is a standard practice for Python-based toolkits. - [PROMPT_INJECTION]: Indirect Prompt Injection Surface.
- Ingestion points: The skill ingests untrusted data from SEC EDGAR filings via the
sec_edgar.pyscript as specified inreferences/data-queries.md. - Boundary markers: Absent; there are no explicit delimiters or instructions to the agent to disregard instructions that might be embedded in the external filings.
- Capability inventory: The skill has the capability to execute several local Python scripts through subprocess calls (File:
references/data-queries.md). - Sanitization: Absent; while the skill cleans data for analytical accuracy, it does not implement security-specific sanitization or filtering for potential prompt injection content in the filings.
Audit Metadata