policy-sensitivity-brief
Pass
Audited by Gen Agent Trust Hub on Mar 10, 2026
Risk Level: SAFE
COMMAND_EXECUTION, EXTERNAL_DOWNLOADS, REMOTE_CODE_EXECUTION, PROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill instructs the agent to execute shell commands to activate virtual environments and run Python scripts (references/data-queries.md).
- [EXTERNAL_DOWNLOADS]: The skill performs automated package installation using pip install from a requirements file located in a sibling directory (references/data-queries.md).
- [REMOTE_CODE_EXECUTION]: The skill relies on and executes code from a relative path outside its own directory structure (../findata-toolkit-cn/scripts/views_runner.py), which is an external code dependency provided by the skill author (references/data-queries.md).
- [PROMPT_INJECTION]: The skill processes untrusted data from external sources such as government policy websites and news APIs (references/methodology.md).
  - Ingestion points: External news, policy data, and AKShare data (SKILL.md, references/methodology.md).
  - Boundary markers: None identified in the prompt instructions to isolate external data.
  - Capability inventory: Shell execution, file access, and Python execution (references/data-queries.md).
  - Sanitization: No explicit data sanitization or validation logic is defined in the documentation.
Audit Metadata