invoice

Pass

Audited by Gen Agent Trust Hub on Apr 17, 2026

Risk Level: SAFE
Full Analysis
  • [EXTERNAL_DOWNLOADS]: The invoice templates (assets/hourly-invoice-template.html and assets/subscription-invoice-template.html) reference CSS from Google Fonts, which is a well-known service.
  • [PROMPT_INJECTION]: The skill is designed to ingest and process work log data provided by users to populate invoice line items. This creates a surface for indirect prompt injection, though the potential impact is limited by the skill's restricted file-writing capabilities.
      • Ingestion points: User-pasted work log text (SKILL.md).
      • Boundary markers: Not explicitly defined for the input data.
      • Capability inventory: Reads and updates the local clients.json file; writes HTML files to the Desktop directory.
      • Sanitization: No specific sanitization or validation of the work log content is described.
Audit Metadata
Risk Level: SAFE
Analyzed: Apr 17, 2026, 03:18 PM