Update: finagent financial agents

[Tiioluwani]

Summary by CodeRabbit

• New Features

  • Migrated financial analyst tool to OpenAI-powered agent with FastMCP server support for streamlined natural-language stock analysis via standardized transport protocol.

• Documentation

  • Restructured README with simplified setup and usage guidance; consolidated examples to focus on the MCP-compatible interface.

• Dependencies

  • Updated dependencies to OpenAI v1.83.0; removed legacy Gemini integration; added environment variable support via python-dotenv.

[coderabbitai]

📝 Walkthrough

Walkthrough

The pull request migrates finagent from a Gemini API-based multi-class architecture to an OpenAI-powered agent-based approach using FastMCP. Changes include refactoring core analysis logic, updating documentation, reorganizing dependencies, and establishing project structure with OpenAI credentials and standard ignore patterns.

Changes

Cohort / File(s)	Summary
Documentation finagent/README.md, ai_agents/finagent/README.md	Restructured documentation from Gemini/Claude-oriented to FastMCP-focused guide; reworded sections for clarity on setup, environment configuration, and usage patterns for the analyze_stock tool via OpenAI/MCP transport.
Core Agent Logic finagent/financial_agents.py, ai_agents/finagent/financial_agents.py	Replaced multi-class Gemini pipeline with streamlined get_financial_analyst_agent() and run_financial_analysis() functions; shifted to OpenAI gpt-4o-mini agent architecture with YFinanceTools integration; moved from GEMINI_API_KEY to OPENAI_API_KEY authentication.
Dependencies & Configuration finagent/requirements.txt, ai_agents/finagent/requirements.txt, .gitignore, ai_agents/finagent/.gitignore, finagent/.env, ai_agents/finagent/.env.example	Updated dependency manifests to remove google-generativeai, add openai==1.83.0, and unpin non-critical versions; added .gitignore patterns for development artifacts; removed Gemini credentials and added OpenAI API key placeholders.

Estimated code review effort

🎯 3 (Moderate) | ⏱️ ~25 minutes

Poem

🐰 From Gemini's glow to OpenAI's bright spark,
FastMCP now guides through the financial dark,
Where agents now whisper and YFinance sings,
Each query takes flight on algorithmic wings!
The warren rejoices, the codebase made clean,
A brand-new foundation—the best yet we've seen! ✨

🚥 Pre-merge checks | ✅ 1 | ❌ 2

❌ Failed checks (1 warning, 1 inconclusive)

Check name	Status	Explanation	Resolution
Docstring Coverage	⚠️ Warning	Docstring coverage is 0.00% which is insufficient. The required threshold is 80.00%.	Write docstrings for the functions missing them to satisfy the coverage threshold.
Title check	❓ Inconclusive	The title 'Update: finagent financial agents' is vague and generic, using non-descriptive language that doesn't convey the specific nature of the substantial changes made.	Consider a more specific title that highlights the main architectural change, such as 'Refactor finagent to use OpenAI agent architecture with FastMCP' or 'Migrate finagent from Gemini to OpenAI-based agent system'.

✅ Passed checks (1 passed)

Check name	Status	Explanation
Description Check	✅ Passed	Check skipped - CodeRabbit’s high-level summary is enabled.

_{✏️ Tip: You can configure your own custom pre-merge checks in the settings.}

✨ Finishing Touches

🧪 Generate unit tests (beta)

• Create PR with unit tests

⚔️ Resolve merge conflicts

• Resolve merge conflict in branch update/finagent

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[coderabbitai]

Actionable comments posted: 3

🤖 Prompt for all review comments with AI agents

Verify each finding against the current code and only fix it if needed.

Inline comments:
In `@finagent/financial_agents.py`:
- Around line 37-43: The current try/except only wraps agent.run so errors
thrown during agent creation via get_financial_analyst_agent(openai_api_key)
bypass the error handler; move the get_financial_analyst_agent call inside the
try block (or expand the try to include it) so any exceptions from
get_financial_analyst_agent or agent.run are caught, and ensure the except
returns the same formatted error string (e.g., "Error during analysis: {e}")
referencing get_financial_analyst_agent and agent.run to locate the code to
change.

In `@finagent/README.md`:
- Around line 20-30: Update the README commands to specify the finagent
directory context: state that the .env file lives in the finagent/ directory,
and change the shell examples to either run from that directory (add instruction
like "cd finagent" before commands) or use explicit prefixed paths (e.g., pip
install -r finagent/requirements.txt and python finagent/main.py) so users
running from the repository root won't hit file-not-found errors; mention the
.env location and which working directory the server expects before showing the
install and launch commands.

In `@finagent/requirements.txt`:
- Around line 1-6: The requirements file is missing the agno dependency required
by finagent/financial_agents.py (it imports agno.agent, agno.models.openai, and
agno.tools.yfinance); add an appropriate agno entry to requirements.txt (pin a
compatible version if known, otherwise add "agno") so a clean environment can
install that package and avoid ImportError.

---

ℹ️ Review info

Configuration used: defaults

Review profile: CHILL

Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between b14f2cc and 154709c.

📒 Files selected for processing (5)

• finagent/.env.example
• finagent/.gitignore
• finagent/README.md
• finagent/financial_agents.py
• finagent/requirements.txt

[coderabbitai]

⚠️ Potential issue | 🟠 Major

Expand the try scope to include agent creation.

Line 37 can throw before the try block, which bypasses your error-path return behavior.

🔧 Proposed fix

 def run_financial_analysis(query: str) -> str:
     openai_api_key = os.getenv("OPENAI_API_KEY")
     if not openai_api_key:
         return "Error: OPENAI_API_KEY environment variable is not set."
-    
-    agent = get_financial_analyst_agent(openai_api_key)
+
     try:
+        agent = get_financial_analyst_agent(openai_api_key)
         # Run the agent and collect response
         response = agent.run(query)
         return response.content
     except Exception as e:
         return f"Error during analysis: {e}"

📝 Committable suggestion

‼️ IMPORTANT
Carefully review the code before committing. Ensure that it accurately replaces the highlighted code, contains no missing lines, and has no issues with indentation. Thoroughly test & benchmark the code to ensure it meets the requirements.

Suggested change

	agent = get_financial_analyst_agent(openai_api_key)
	try:
	return team.analyze(query)
	# Run the agent and collect response
	response = agent.run(query)
	return response.content
	except Exception as e:
	return f"Error during analysis: {e}"
	agent = get_financial_analyst_agent(openai_api_key)
	try:
	# Run the agent and collect response
	response = agent.run(query)
	return response.content
	except Exception as e:
	return f"Error during analysis: {e}"

Suggested change

	agent = get_financial_analyst_agent(openai_api_key)
	try:
	return team.analyze(query)
	# Run the agent and collect response
	response = agent.run(query)
	return response.content
	except Exception as e:
	return f"Error during analysis: {e}"
	def run_financial_analysis(query: str) -> str:
	openai_api_key = os.getenv("OPENAI_API_KEY")
	if not openai_api_key:
	return "Error: OPENAI_API_KEY environment variable is not set."
	try:
	agent = get_financial_analyst_agent(openai_api_key)
	# Run the agent and collect response
	response = agent.run(query)
	return response.content
	except Exception as e:
	return f"Error during analysis: {e}"

🧰 Tools

🪛 Ruff (0.15.2)

[warning] 41-41: Consider moving this statement to an else block

(TRY300)

---

[warning] 42-42: Do not catch blind exception: Exception

(BLE001)

🤖 Prompt for AI Agents

Verify each finding against the current code and only fix it if needed.

In `@finagent/financial_agents.py` around lines 37 - 43, The current try/except
only wraps agent.run so errors thrown during agent creation via
get_financial_analyst_agent(openai_api_key) bypass the error handler; move the
get_financial_analyst_agent call inside the try block (or expand the try to
include it) so any exceptions from get_financial_analyst_agent or agent.run are
caught, and ensure the except returns the same formatted error string (e.g.,
"Error during analysis: {e}") referencing get_financial_analyst_agent and
agent.run to locate the code to change.

[coderabbitai]

⚠️ Potential issue | 🟡 Minor

🧩 Analysis chain

🏁 Script executed:

#!/bin/bash
set -euo pipefail

echo "=== File structure search ==="
fd -a 'requirements.txt|main.py|README.md' | head -20

echo ""
echo "=== Repository root structure ==="
git ls-files | head -30

Repository: Sumanth077/Hands-On-AI-Engineering

Length of output: 1809

---

🏁 Script executed:

#!/bin/bash
cat -n finagent/README.md | head -40

Repository: Sumanth077/Hands-On-AI-Engineering

Length of output: 2094

---

🏁 Script executed:

#!/bin/bash
echo "=== Checking for .env files ==="
find . -maxdepth 2 -name '.env*' -type f 2>/dev/null

echo ""
echo "=== Checking if .env exists at repo root ==="
test -f ./.env && echo "Found .env at repo root" || echo "No .env at repo root"

echo ""
echo "=== Contents of finagent/.env.example ==="
cat finagent/.env.example 2>/dev/null || echo "File not found"

Repository: Sumanth077/Hands-On-AI-Engineering

Length of output: 299

---

Add directory context to setup commands.

The pip install and python main.py commands assume execution from the finagent/ directory, but the README doesn't specify this. Users running from the repository root will encounter file-not-found errors. Add cd finagent before these commands or use prefixed paths (pip install -r finagent/requirements.txt, python finagent/main.py).

Also clarify that the .env file is located in the finagent/ directory, not at the repository root.

🤖 Prompt for AI Agents

Verify each finding against the current code and only fix it if needed.

In `@finagent/README.md` around lines 20 - 30, Update the README commands to
specify the finagent directory context: state that the .env file lives in the
finagent/ directory, and change the shell examples to either run from that
directory (add instruction like "cd finagent" before commands) or use explicit
prefixed paths (e.g., pip install -r finagent/requirements.txt and python
finagent/main.py) so users running from the repository root won't hit
file-not-found errors; mention the .env location and which working directory the
server expects before showing the install and launch commands.

[coderabbitai]

⚠️ Potential issue | 🔴 Critical

🧩 Analysis chain

🏁 Script executed:

#!/bin/bash
set -euo pipefail

echo "Agno imports found in source:"
rg -nP '^\s*(from|import)\s+agno(\.|$)' finagent -C2

echo
echo "Current requirements:"
nl -ba finagent/requirements.txt

echo
echo "Agno requirement line (expected at least one match):"
rg -nP '^\s*agno(\b|[<>=])' finagent/requirements.txt || true

Repository: Sumanth077/Hands-On-AI-Engineering

Length of output: 548

---

🏁 Script executed:

#!/bin/bash
set -euo pipefail

echo "Current requirements.txt:"
cat -n finagent/requirements.txt

echo
echo "Check if agno is in requirements.txt:"
rg -i 'agno' finagent/requirements.txt || echo "No agno found in requirements.txt"

Repository: Sumanth077/Hands-On-AI-Engineering

Length of output: 272

---

Add missing agno dependency to requirements.txt.

finagent/financial_agents.py imports agno.agent, agno.models.openai, and agno.tools.yfinance but agno is not listed in requirements. This causes ImportError on a clean environment.

Fix

 mcp
 yfinance
+agno
 openai==1.83.0
 python-dotenv
 pandas
 numpy

📝 Committable suggestion

‼️ IMPORTANT
Carefully review the code before committing. Ensure that it accurately replaces the highlighted code, contains no missing lines, and has no issues with indentation. Thoroughly test & benchmark the code to ensure it meets the requirements.

Suggested change

	mcp
	yfinance
	openai==1.83.0
	python-dotenv
	pandas
	numpy
	mcp
	yfinance
	agno
	openai==1.83.0
	python-dotenv
	pandas
	numpy

🤖 Prompt for AI Agents

Verify each finding against the current code and only fix it if needed.

In `@finagent/requirements.txt` around lines 1 - 6, The requirements file is
missing the agno dependency required by finagent/financial_agents.py (it imports
agno.agent, agno.models.openai, and agno.tools.yfinance); add an appropriate
agno entry to requirements.txt (pin a compatible version if known, otherwise add
"agno") so a clean environment can install that package and avoid ImportError.

[cyberholics]

Hey @Tiioluwani your PR currently has merge conflicts. To fix this, please do the following:
Relocate the project: Move the finagent/ directory into the ai_agents/ category folder (so the new path is ai_agents/finagent/).
Sync with Main: Merge the latest main branch into your feature branch to resolve the conflicts in .gitignore and .env.example.
Verify structure: Ensure that financial_agents.py and other files are correctly placed within ai_agents/finagent/.
Once you've moved the files and resolved the conflicts, let me know, and I'll do a final review!

[coderabbitai]

Actionable comments posted: 1

♻️ Duplicate comments (3)

ai_agents/finagent/README.md (1)

19-30: ⚠️ Potential issue | 🟡 Minor

Clarify working directory in setup/launch instructions.

Lines 20-30 assume execution from ai_agents/finagent/. Please explicitly add cd ai_agents/finagent (or use fully prefixed paths) and clarify .env location expectations to avoid root-level execution failures.

📝 Proposed doc update

 ### 1. Requirements
-This tool runs within the shared repository environment. Ensure dependencies are met:
+From the repository root, run:
 ```bash
-pip install -r requirements.txt
+cd ai_agents/finagent
+pip install -r requirements.txt

@@

3. Launch

python main.py

</details>

<details>
<summary>🤖 Prompt for AI Agents</summary>

Verify each finding against the current code and only fix it if needed.

In @ai_agents/finagent/README.md around lines 19 - 30, Update the setup and
launch instructions in ai_agents/finagent/README.md to explicitly state the
working directory and .env location: instruct users to run "cd
ai_agents/finagent" before "pip install -r requirements.txt" (or use fully
prefixed paths) and clarify that the server loads OPENAI_API_KEY from the
repository root .env (or indicate an alternative if .env must be copied into
ai_agents/finagent); ensure the Launch section similarly requires running
"python main.py" from ai_agents/finagent or using the full path to main.py so
users don't run commands from the repo root by mistake.

</details>

</blockquote></details>
<details>
<summary>ai_agents/finagent/financial_agents.py (1)</summary><blockquote>

`37-43`: _⚠️ Potential issue_ | _🟠 Major_

**Wrap agent creation inside the existing error path.**

`get_financial_analyst_agent(...)` on Line 37 can throw before the `try`, so failures bypass your `"Error during analysis: ..."` handling.  
 

<details>
<summary>🔧 Proposed fix</summary>

```diff
-    agent = get_financial_analyst_agent(openai_api_key)
     try:
+        agent = get_financial_analyst_agent(openai_api_key)
         # Run the agent and collect response
         response = agent.run(query)
         return response.content

🤖 Prompt for AI Agents

Verify each finding against the current code and only fix it if needed.

In `@ai_agents/finagent/financial_agents.py` around lines 37 - 43, The call to
get_financial_analyst_agent(openai_api_key) can throw before the existing
try/except, so wrap agent creation inside the same error handling: move the
get_financial_analyst_agent(...) call into the try block that surrounds
agent.run(query) (or expand the try to include it), then keep the except
Exception as e returning "Error during analysis: {e}" so any creation or run
errors are caught; reference get_financial_analyst_agent and the
agent.run(query) use to locate the code.

ai_agents/finagent/requirements.txt (1)

1-6: ⚠️ Potential issue | 🔴 Critical

Add missing agno runtime dependency.

ai_agents/finagent/financial_agents.py imports agno.* (Lines 2-4 there), but Lines 1-6 here do not declare agno. Clean installs will fail with ImportError.

🔧 Proposed fix

 mcp
 yfinance
+agno
 openai==1.83.0
 python-dotenv
 pandas
 numpy

#!/bin/bash
set -euo pipefail

echo "Agno imports:"
rg -nP '^\s*(from|import)\s+agno(\.|$)' ai_agents/finagent/financial_agents.py -C1

echo
echo "Agno in requirements:"
rg -nP '^\s*agno(\b|[<>=])' ai_agents/finagent/requirements.txt || true

🤖 Prompt for AI Agents

Verify each finding against the current code and only fix it if needed.

In `@ai_agents/finagent/requirements.txt` around lines 1 - 6, The finagent
requirements file is missing the runtime dependency "agno" while
ai_agents/finagent/financial_agents.py imports agno.*; add an appropriate agno
entry to ai_agents/finagent/requirements.txt (e.g., "agno" or "agno==<version>"
if a specific version is required) so clean installs won't raise ImportError,
then re-run a pip install to verify imports in financial_agents.py succeed.

🤖 Prompt for all review comments with AI agents

Verify each finding against the current code and only fix it if needed.

Inline comments:
In `@ai_agents/finagent/requirements.txt`:
- Line 1: Update the unpinned dependency "mcp" in requirements.txt to a pinned
version that is 1.23.0 or later (for example change "mcp" to "mcp>=1.23.0" or
"mcp==1.23.0") so the dependency resolves to a non-vulnerable, reproducible
release and addresses GHSA-9h52-p55h-vw2f and GHSA-j975-95f5-7wqh.

---

Duplicate comments:
In `@ai_agents/finagent/financial_agents.py`:
- Around line 37-43: The call to get_financial_analyst_agent(openai_api_key) can
throw before the existing try/except, so wrap agent creation inside the same
error handling: move the get_financial_analyst_agent(...) call into the try
block that surrounds agent.run(query) (or expand the try to include it), then
keep the except Exception as e returning "Error during analysis: {e}" so any
creation or run errors are caught; reference get_financial_analyst_agent and the
agent.run(query) use to locate the code.

In `@ai_agents/finagent/README.md`:
- Around line 19-30: Update the setup and launch instructions in
ai_agents/finagent/README.md to explicitly state the working directory and .env
location: instruct users to run "cd ai_agents/finagent" before "pip install -r
requirements.txt" (or use fully prefixed paths) and clarify that the server
loads OPENAI_API_KEY from the repository root .env (or indicate an alternative
if .env must be copied into ai_agents/finagent); ensure the Launch section
similarly requires running "python main.py" from ai_agents/finagent or using the
full path to main.py so users don't run commands from the repo root by mistake.

In `@ai_agents/finagent/requirements.txt`:
- Around line 1-6: The finagent requirements file is missing the runtime
dependency "agno" while ai_agents/finagent/financial_agents.py imports agno.*;
add an appropriate agno entry to ai_agents/finagent/requirements.txt (e.g.,
"agno" or "agno==<version>" if a specific version is required) so clean installs
won't raise ImportError, then re-run a pip install to verify imports in
financial_agents.py succeed.

🪄 Autofix (Beta)

Fix all unresolved CodeRabbit comments on this PR:

• Push a commit to this branch (recommended)
• Create a new PR with the fixes

---

ℹ️ Review info

⚙️ Run configuration

Configuration used: defaults

Review profile: CHILL

Plan: Pro

Run ID: 5a7072f8-6d9f-46d7-b720-8fc6a4ebe6ea

📥 Commits

Reviewing files that changed from the base of the PR and between 154709c and 6a5e818.

⛔ Files ignored due to path filters (2)

• finagent/__pycache__/financial_agents.cpython-313.pyc is excluded by !**/*.pyc
• finagent/__pycache__/main.cpython-313.pyc is excluded by !**/*.pyc

📒 Files selected for processing (9)

• .gitignore
• ai_agents/finagent/.env.example
• ai_agents/finagent/.gitignore
• ai_agents/finagent/.vscode/launch.json
• ai_agents/finagent/README.md
• ai_agents/finagent/financial_agents.py
• ai_agents/finagent/main.py
• ai_agents/finagent/requirements.txt
• finagent/.env

💤 Files with no reviewable changes (1)

• finagent/.env

✅ Files skipped from review due to trivial changes (3)

• ai_agents/finagent/.env.example
• ai_agents/finagent/.gitignore
• .gitignore

[coderabbitai]

⚠️ Potential issue | 🟠 Major

🧩 Analysis chain

🌐 Web query:

What is the first patched Python mcp SDK version for GHSA-9h52-p55h-vw2f and GHSA-j975-95f5-7wqh?

💡 Result:

The first patched Python MCP SDK version for GHSA-9h52-p55h-vw2f (CVE-2025-66416, DNS rebinding protection disabled by default) is 1.23.0. The first patched Python MCP SDK version for GHSA-j975-95f5-7wqh (Unhandled Exception in Streamable HTTP Transport Leading to Denial of Service, CVE-2025-53365) is not explicitly stated in available sources, but evidence points to version 1.9.4 or later. This is supported by the timeline: the related fix PR #967 was merged June 17, 2025, and v1.9.4 released June 12, 2025 explicitly includes "Fix uncaught exception in MCP server by @ddworken in modelcontextprotocol/python-sdk#822", with PR #967 also addressing uncaught exceptions. The advisory was published July 4, 2025, consistent with a patch in v1.9.4. Affected versions are listed as < patched version in similar advisories.

Citations:

• 1: GHSA-9h52-p55h-vw2f
• 2: https://nvd.nist.gov/vuln/detail/CVE-2025-66416
• 3: GHSA-j975-95f5-7wqh
• 4: Fix uncaught exception in MCP server modelcontextprotocol/python-sdk#967
• 5: GHSA-9h52-p55h-vw2f
• 6: https://github.com/modelcontextprotocol/python-sdk/security
• 7: https://github.com/advisories/GHSA-j975-95f5-7wqh/dependabot
• 8: https://github.com/modelcontextprotocol/python-sdk/releases/tag/v1.23.0
• 9: https://github.com/modelcontextprotocol/python-sdk/releases/tag/v1.9.4

---

Pin mcp to version 1.23.0 or later.

Unpinned dependency currently resolves to a version with high-severity vulnerabilities. Pin to at least 1.23.0 to address GHSA-9h52-p55h-vw2f and GHSA-j975-95f5-7wqh for both security and reproducibility.

🧰 Tools

🪛 OSV Scanner (2.3.5)

[HIGH] 1-1: mcp 1.9.4: Model Context Protocol (MCP) Python SDK does not enable DNS rebinding protection by default

(GHSA-9h52-p55h-vw2f)

---

[HIGH] 1-1: mcp 1.9.4: MCP Python SDK has Unhandled Exception in Streamable HTTP Transport, Leading to Denial of Service

(GHSA-j975-95f5-7wqh)

---

[HIGH] 1-1: python-multipart 0.0.9: Denial of service (DoS) via deformation multipart/form-data boundary

(GHSA-59g5-xgcq-4qw3)

---

[HIGH] 1-1: python-multipart 0.0.9: Python-Multipart has Arbitrary File Write via Non-Default Configuration

(GHSA-wp53-j4wj-2cfg)

---

[HIGH] 1-1: tqdm 4.9.0: undefined

(PYSEC-2017-74)

---

[HIGH] 1-1: tqdm 4.9.0: tqdm CLI arguments injection attack

(GHSA-g7vv-2v7x-gj9p)

---

[HIGH] 1-1: tqdm 4.9.0: TDQM Arbitrary Code Execution

(GHSA-r7q7-xcjw-qx8q)

🤖 Prompt for AI Agents

Verify each finding against the current code and only fix it if needed.

In `@ai_agents/finagent/requirements.txt` at line 1, Update the unpinned
dependency "mcp" in requirements.txt to a pinned version that is 1.23.0 or later
(for example change "mcp" to "mcp>=1.23.0" or "mcp==1.23.0") so the dependency
resolves to a non-vulnerable, reproducible release and addresses
GHSA-9h52-p55h-vw2f and GHSA-j975-95f5-7wqh.