credit-case-intake-check
Pass
Audited by Gen Agent Trust Hub on Jun 29, 2026
Risk Level: SAFECOMMAND_EXECUTIONDATA_EXFILTRATION
Full Analysis
- [COMMAND_EXECUTION]: The skill invokes a local validation utility,
scripts/validate_intake_check.py, to ensure input data follows the required schema. The script is implemented using standard Python libraries (re,sys,datetime) and performs benign validation logic such as checking field presence and format. It does not contain any patterns indicative of command injection or malicious payload execution. - [DATA_EXFILTRATION]: The workflow requires access to sensitive customer and credit information from internal APIs (ECIF, Industry/Commerce records). This data access is central to the skill's legitimate business purpose and is conducted through specified system APIs within the author's trusted infrastructure. There are no attempts to transmit sensitive data to unauthorized external entities or non-whitelisted domains.
- [SAFE]: The skill demonstrates high-quality development standards, including robust 'provenance' documentation that traces rules to official regulations, structured audit logging in JSON format, and comprehensive test cases. It strictly adheres to regulatory requirements and includes explicit constraints to prevent the bypass of critical compliance checks like 'veto' conditions.
Audit Metadata