receipt-ocr

Pass

Audited by Gen Agent Trust Hub on Jun 24, 2026

Risk Level: SAFE
Full Analysis
  • [SAFE]: The skill does not contain any malicious patterns, obfuscation, or instructions designed to bypass AI safety guidelines.
  • [COMMAND_EXECUTION]: The skill performs local file system operations, including renaming image files and creating or updating markdown files (YYYY-MM-memo.md). These actions are strictly for organizing receipt data and are consistent with the skill's primary purpose.
  • [DATA_EXFILTRATION]: While the skill processes financial information (receipts), it does so locally. There are no network tools (like curl or wget) or external URLs used for data transmission.
  • [PROMPT_INJECTION]: The core rules and procedures provide clear, benign instructions for data processing. There are no attempts to override system prompts or extract internal configuration.
  • [CREDENTIALS_UNSAFE]: No hardcoded API keys, tokens, or sensitive file paths (such as .ssh or .aws) are accessed or requested by the skill.
Audit Metadata
Risk Level
SAFE
Analyzed
Jun 24, 2026, 07:34 AM
Security Audit — agent-trust-hub — receipt-ocr