Skills
skills/yuping322/finskills/shareholder-risk-check/Gen Agent Trust Hub

shareholder-risk-check

Pass

Audited by Gen Agent Trust Hub on Mar 10, 2026

Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill requires the agent to run local shell commands for environment setup and data retrieval, specifically calling scripts from a related repository (../findata-toolkit-cn/scripts/views_runner.py).
  • [EXTERNAL_DOWNLOADS]: The skill manages its environment by installing Python dependencies via pip from a local requirements file.
  • [PROMPT_INJECTION]: The skill processes untrusted external data (company announcements and shareholder information) which presents an indirect prompt injection surface.
  • Ingestion points: Data retrieved from external financial providers via views_runner.py.
  • Boundary markers: Absent; the skill does not use specific delimiters to separate fetched data from instructions.
  • Capability inventory: The skill has the capability to execute shell commands and Python scripts.
  • Sanitization: No explicit sanitization or validation of the fetched data is performed before analysis.
Audit Metadata
Risk Level
SAFE
Analyzed
Mar 10, 2026, 03:23 AM