🛡️ SafeAgentSkills

Financial Research

View on ClawHub ↗ · v1.3.4

⬇ 245 downloads · ⭐ 1

High Risk

"Use this skill any time the user wants financial analysis, earnings research, or investment-related reports. This includes: earnings call summaries, quarterly financial analysis, stock research, equity research reports, financial due diligence, company valuations, DCF models, balance sheet analysis, income statement breakdowns, cash flow analysis, SEC filing summaries, investor memos, portfolio analysis, IPO analysis, M&A research, and credit analysis. Also trigger when: user says 分析财报, 做个估值, 股票研究, 财务尽调, 现金流分析, 收入分析, 季度财务分析. If financial research or analysis is needed, use this skill."

H:4 D:4 A:3 C:1

⚠️ Hazard Flags

EXEC FS_READ_WORKSPACE FS_WRITE_WORKSPACE FS_WRITE_USER NET_EGRESS_ANY CREDS_ENV ACT_SEND_MESSAGE PI_WEB

📋 Capabilities

Execution

  • ✅ Shell execution
  • ❌ Code execution
  • ❌ Install dependencies
  • ❌ Persistence
  • Privilege: user

Filesystem

  • ✅ Read workspace
  • ✅ Write workspace
  • ❌ Read home
  • ✅ Write home
  • ❌ Read system
  • ❌ Delete

Network

  • Egress: any
  • ❌ Ingress

Credentials

  • ✅ Environment vars
  • ❌ Credential files
  • ❌ Browser data
  • ❌ Keychain

Actions

✅ send messages❌ post public❌ purchase❌ transfer money❌ deploy❌ delete external

🔒 Containment

Level: maximum

Required:
  • APPROVE_SEND: Can send messages
  • SANDBOX_CONTAINER: Code execution capability
Recommended:
  • LOG_ACTIONS: Audit trail for all actions

⚡ Risks

Unauthorized tool use: TOOL_ABUSE_SYSTEM_MODIFICATION critical

Mitigation: Remove system modification commands

Command injection risk: MCP_SQL_BLIND high

Mitigation: Remove SQL exploitation patterns.

Social engineering indicators: SOCIAL_ENG_VAGUE_DESCRIPTION low

Mitigation: Provide clear, detailed description of skill functionality

Data exfiltration patterns: MCP_EXFIL_CONVERSATION, DATA_EXFIL_BASE64_AND_NETWORK, DATA_EXFIL_ENV_VARS, DATA_EXFIL_NETWORK_REQUESTS, DATA_EXFIL_HTTP_POST critical

Mitigation: Remove references to exfiltrating conversation data or monitoring input.

Want a deeper analysis?

This report was generated by static analysis. Get an LLM-powered deep review with behavioral reasoning and attack surface mapping.

🧠 Deep Analysis — $5.00

🚨 Incident Response

Kill switch: Stop the agent process

Containment: Review logs for unexpected actions

Recovery: Depends on skill capabilities

📄 Raw SSDS JSON click to expand 
{
  "meta": {
    "document_id": "ssds:auto:anygen-financial-research:1.3.4",
    "ssds_version": "0.2.0",
    "scanner_version": "0.4.0+fe6fd9123d50",
    "created_at": "2026-03-14T00:04:56.411Z",
    "created_by": {
      "agent": "safeagentskills-cli/generate-ssds"
    },
    "language": "en",
    "notes": "Auto-generated SSDS. Manual review recommended."
  },
  "skill": {
    "name": "Financial Research",
    "version": "1.3.4",
    "format": "agent_skill",
    "description": "\"Use this skill any time the user wants financial analysis, earnings research, or investment-related reports. This includes: earnings call summaries, quarterly financial analysis, stock research, equity research reports, financial due diligence, company valuations, DCF models, balance sheet analysis, income statement breakdowns, cash flow analysis, SEC filing summaries, investor memos, portfolio analysis, IPO analysis, M&A research, and credit analysis. Also trigger when: user says 分析财报, 做个估值, 股票研究, 财务尽调, 现金流分析, 收入分析, 季度财务分析. If financial research or analysis is needed, use this skill.\"",
    "publisher": "ClawHub",
    "source": {
      "channel": "clawhub",
      "slug": "anygen-financial-research",
      "owner": "LogicTortoise",
      "downloads": 245,
      "stars": 1
    },
    "artifact": {
      "sha256": "c7aaf4d88cb685e3e8323393d1be3074c21fcbbcabfbf9d07850c8c25324c535",
      "hash_method": "files_sorted"
    }
  },
  "capabilities": {
    "execution": {
      "can_exec_shell": true,
      "can_exec_code": false,
      "privilege_level": "user",
      "can_install_deps": false,
      "can_persist": false
    },
    "filesystem": {
      "reads_workspace": true,
      "reads_user_home": false,
      "reads_system": false,
      "writes_workspace": true,
      "writes_user_home": true,
      "writes_system": false,
      "can_delete": false
    },
    "network": {
      "egress": "any",
      "ingress": false
    },
    "credentials": {
      "reads_env_vars": true,
      "reads_credential_files": false,
      "reads_browser_data": false,
      "reads_keychain": false
    },
    "services": [],
    "actions": {
      "can_send_messages": true,
      "can_post_public": false,
      "can_purchase": false,
      "can_transfer_money": false,
      "can_deploy": false,
      "can_delete_external": false
    },
    "prompt_injection_surfaces": [
      "web"
    ],
    "content_types": [
      "general"
    ]
  },
  "hazards": {
    "hdac": {
      "H": 4,
      "D": 4,
      "A": 3,
      "C": 1
    },
    "flags": [
      "EXEC",
      "FS_READ_WORKSPACE",
      "FS_WRITE_WORKSPACE",
      "FS_WRITE_USER",
      "NET_EGRESS_ANY",
      "CREDS_ENV",
      "ACT_SEND_MESSAGE",
      "PI_WEB"
    ],
    "custom_flags": [
      {
        "code": "TOOL_ABUSE",
        "name": "Unauthorized Tool Use",
        "description": "TOOL_ABUSE_SYSTEM_MODIFICATION: Modifying system permissions or configuration"
      },
      {
        "code": "SOCIAL_ENGINEERING",
        "name": "Social Engineering Risk",
        "description": "SOCIAL_ENG_VAGUE_DESCRIPTION: Skill description is too vague or missing"
      },
      {
        "code": "COMMAND_INJECTION",
        "name": "Command Injection Risk",
        "description": "MCP_SQL_BLIND: Blind SQL injection, system table access, or stored procedure abuse"
      },
      {
        "code": "DATA_EXFILTRATION",
        "name": "Data Exfiltration Risk",
        "description": "MCP_EXFIL_CONVERSATION, DATA_EXFIL_BASE64_AND_NETWORK, DATA_EXFIL_ENV_VARS, DATA_EXFIL_NETWORK_REQUESTS, DATA_EXFIL_HTTP_POST: Conversation, clipboard, or keystroke exfiltration patterns"
      }
    ],
    "confidence": {
      "level": "medium",
      "basis": [
        "static_analysis"
      ],
      "notes": "Detected 4 security patterns (8 vendored rule hits). Review recommended."
    },
    "rationale": {
      "H": "H4: Critical: Privilege escalation or malware detected",
      "D": "D4: Critical: Credential theft or data exfiltration",
      "A": "A3: External actions (deploy/message/post)",
      "C": "C1: General content"
    }
  },
  "containment": {
    "level": "maximum",
    "required": [
      {
        "control": "APPROVE_SEND",
        "reason": "Can send messages"
      },
      {
        "control": "SANDBOX_CONTAINER",
        "reason": "Code execution capability"
      }
    ],
    "recommended": [
      {
        "control": "LOG_ACTIONS",
        "reason": "Audit trail for all actions"
      }
    ],
    "uncontained_risk": "Risk level depends on manual review of actual capabilities."
  },
  "risks": {
    "risks": [
      {
        "risk": "Unauthorized tool use: TOOL_ABUSE_SYSTEM_MODIFICATION",
        "severity": "critical",
        "mitigation": "Remove system modification commands"
      },
      {
        "risk": "Command injection risk: MCP_SQL_BLIND",
        "severity": "high",
        "mitigation": "Remove SQL exploitation patterns."
      },
      {
        "risk": "Social engineering indicators: SOCIAL_ENG_VAGUE_DESCRIPTION",
        "severity": "low",
        "mitigation": "Provide clear, detailed description of skill functionality"
      },
      {
        "risk": "Data exfiltration patterns: MCP_EXFIL_CONVERSATION, DATA_EXFIL_BASE64_AND_NETWORK, DATA_EXFIL_ENV_VARS, DATA_EXFIL_NETWORK_REQUESTS, DATA_EXFIL_HTTP_POST",
        "severity": "critical",
        "mitigation": "Remove references to exfiltrating conversation data or monitoring input."
      }
    ],
    "limitations": [
      "Static analysis only - runtime behavior not verified"
    ]
  },
  "incident_response": {
    "kill_switch": [
      "Stop the agent process"
    ],
    "containment": [
      "Review logs for unexpected actions"
    ],
    "recovery": [
      "Depends on skill capabilities"
    ]
  },
  "evidence": [
    {
      "evidence_id": "EV:file-1",
      "type": "file_excerpt",
      "title": "_meta.json",
      "file_path": "_meta.json"
    },
    {
      "evidence_id": "EV:file-2",
      "type": "file_excerpt",
      "title": "SKILL.md",
      "file_path": "SKILL.md"
    },
    {
      "evidence_id": "EV:file-3",
      "type": "file_excerpt",
      "title": "scripts/fileutil.py",
      "file_path": "scripts/fileutil.py"
    },
    {
      "evidence_id": "EV:file-4",
      "type": "file_excerpt",
      "title": "scripts/auth.py",
      "file_path": "scripts/auth.py"
    },
    {
      "evidence_id": "EV:file-5",
      "type": "file_excerpt",
      "title": "scripts/anygen.py",
      "file_path": "scripts/anygen.py"
    },
    {
      "evidence_id": "EV:cisco-1",
      "type": "file_excerpt",
      "title": "TOOL_ABUSE_SYSTEM_MODIFICATION [CRITICAL] SKILL.md:45: - Configure key: `python3 scripts/anygen.py config set api_key \"sk-xxx\"` (saved ",
      "file_path": "SKILL.md"
    },
    {
      "evidence_id": "EV:cisco-2",
      "type": "file_excerpt",
      "title": "SOCIAL_ENG_VAGUE_DESCRIPTION [LOW] SKILL.md:1: ---",
      "file_path": "SKILL.md"
    },
    {
      "evidence_id": "EV:cisco-3",
      "type": "file_excerpt",
      "title": "MCP_EXFIL_CONVERSATION [HIGH] SKILL.md:150: - After completing ALL steps (including sending messages to the user), your FINA",
      "file_path": "SKILL.md"
    },
    {
      "evidence_id": "EV:cisco-4",
      "type": "file_excerpt",
      "title": "DATA_EXFIL_BASE64_AND_NETWORK [CRITICAL] scripts/fileutil.py:54: \"file_data\": base64.b64encode(content).decode(\"utf-8\"),",
      "file_path": "scripts/fileutil.py"
    },
    {
      "evidence_id": "EV:cisco-5",
      "type": "file_excerpt",
      "title": "DATA_EXFIL_ENV_VARS [MEDIUM] scripts/auth.py:35: env_key = os.getenv(ENV_API_KEY)",
      "file_path": "scripts/auth.py"
    },
    {
      "evidence_id": "EV:cisco-6",
      "type": "file_excerpt",
      "title": "DATA_EXFIL_NETWORK_REQUESTS [MEDIUM] scripts/anygen.py:15: import requests",
      "file_path": "scripts/anygen.py"
    },
    {
      "evidence_id": "EV:cisco-7",
      "type": "file_excerpt",
      "title": "DATA_EXFIL_HTTP_POST [CRITICAL] scripts/anygen.py:96: response = requests.post(",
      "file_path": "scripts/anygen.py"
    },
    {
      "evidence_id": "EV:cisco-8",
      "type": "file_excerpt",
      "title": "MCP_SQL_BLIND [HIGH] scripts/anygen.py:436: time.sleep(POLL_INTERVAL)",
      "file_path": "scripts/anygen.py"
    }
  ]
}