invoice-organizer
Pass
Audited by Gen Agent Trust Hub on Jun 14, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill implements a legitimate productivity tool for financial organization. It uses standard Python modules like
csv,json, andargparseto process local files without any suspicious behavior. - [DATA_EXPOSURE]: Although the skill processes sensitive financial data, all operations are local. The script
scripts/invoice_categorizer.pyreads user-provided CSV files but does not include any network functions or exfiltration logic. No hardcoded credentials or sensitive system paths were detected. - [COMMAND_EXECUTION]: No instances of arbitrary command execution, shell injection vulnerabilities, or unsafe execution of dynamic code (such as
eval()orexec()) were found in the provided scripts. - [REMOTE_CODE_EXECUTION]: The skill does not define any external Python or Node.js dependencies and contains no logic to download or execute scripts from remote servers.
- [PROMPT_INJECTION]: The instructions in
SKILL.mdare focused on workflow guidance and do not contain patterns designed to override agent safety protocols or system instructions.
Audit Metadata