digits
Pass
Audited by Gen Agent Trust Hub on Apr 27, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill involves fetching data from the external Digits API, which creates a surface for indirect prompt injection.
- Ingestion points: Data is retrieved from Digits for resources like ledger accounts and financial reports via the Apideck Accounting API.
- Boundary markers: No delimiters or instructions are provided to help the agent distinguish between its instructions and potentially malicious content within the fetched data.
- Capability inventory: The skill enables the agent to read and write financial data across the unified API surface.
- Sanitization: There is no mention of sanitizing or validating the content of the API responses before they are processed by the agent.
Audit Metadata