Finnhub Skill

The skill bundle is benign. It provides a Python script (`scripts/app.py`) to fetch real-time stock quotes using the Finnhub API. The script securely retrieves the Finnhub API key from an environment variable (`finnhub_api_key`), which is a standard practice. There is no evidence of data exfiltration, malicious execution, persistence mechanisms, prompt injection attempts in `SKILL.md`, or obfuscation. All actions are clearly aligned with the stated purpose of accessing Finnhub data.