month-end-prep

Pass

Audited by Gen Agent Trust Hub on May 13, 2026

Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
  • [Local File Access]: The skill is configured to read from a local receipts folder and write financial reports to the desktop. This is a standard feature for local document management and reporting tools.
  • [Indirect Prompt Injection Surface]: The skill ingests transaction memos and descriptions from external financial APIs. (1) Ingestion points: QuickBooks transaction registers and settlement reports (SKILL.md). (2) Boundary markers: No specific delimiters are defined in the instructions for external data. (3) Capability inventory: File-write capabilities for generating Excel and PDF reports (SKILL.md). (4) Sanitization: No explicit sanitization of transaction strings is mentioned. This risk is addressed by the skill's design, which includes mandatory human-in-the-loop checkpoints before any final outputs are produced.
Audit Metadata
Risk Level
SAFE
Analyzed
May 13, 2026, 05:33 PM