中文 EN

Scan Report

Scan New Files

Trusted — Risk Score 5/100
Last scan:2 days ago Rescan
5 /100
backtester
Professional backtesting framework for trading strategies
Professional backtesting framework with no malicious behavior detected. Code performs legitimate financial calculations on local SQLite data.
Skill Namebacktester
Duration22.8s
Enginepi
Safe to install
This skill is safe to use. Consider pinning package versions if dependency stability is a concern.

Findings 1 items

Severity Finding Location
Low
Documentation mentions unimplemented API
SKILL.md references Tiger API for professional data, but backtest.py only uses local SQLite. This appears to be a planned feature, not hidden behavior.
API: Tiger API for professional data
→ Update docs to reflect current implementation or implement the API feature
 SKILL.md:138
ResourceDeclaredInferredStatusEvidence
Filesystem READ READ ✓ Aligned backtest.py:23 - os.path.exists() and sqlite3.connect()
Database READ READ ✓ Aligned backtest.py:30-52 - pd.read_sql_query()
Network NONE NONE No network requests found in code
Shell NONE NONE No subprocess or shell execution
Environment NONE NONE No os.environ access

File Tree

3 files · 19.1 KB · 574 lines
Markdown 1f · 323L Python 1f · 246L JSON 1f · 5L
├─ 📋 _meta.json JSON 5L · 129 B
├─ 🐍 backtest.py Python 246L · 8.2 KB
└─ 📝 SKILL.md Markdown 323L · 10.8 KB

Dependencies 3 items

PackageVersionSourceKnown VulnsNotes
pandas * pip No Not explicitly listed in requirements
numpy * pip No Not explicitly listed in requirements
sqlite3 builtin stdlib No Python standard library

Security Positives

✓ No network requests or data exfiltration
✓ No shell execution or subprocess calls
✓ No credential harvesting or environment variable access
✓ No obfuscation techniques (base64, eval, etc.)
✓ Uses only standard Python libraries (sqlite3, pandas, numpy)
✓ All database operations are read-only (SELECT queries only)
✓ Input validation present for stock symbols and date formats
✓ No hidden functionality detected