invoice-organizer

Pass

Audited by Gen Agent Trust Hub on Jun 22, 2026

Risk Level: SAFECOMMAND_EXECUTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill includes a Python script (scripts/extract_invoice.py) that executes the pdftotext command-line utility. The implementation uses a list of arguments for the subprocess.run call, which is the recommended secure practice to prevent shell injection vulnerabilities when handling file paths.
  • [DATA_EXFILTRATION]: No network activity was detected in any of the scripts or instructions. The skill is designed to process data locally, reading from PDF files and project documentation to generate internal reimbursement lists and archive files within the local filesystem.
  • [EXTERNAL_DOWNLOADS]: The documentation references poppler (which provides pdftotext) as a system dependency. This is a widely used and trusted open-source PDF utility. The skill does not attempt to download unverified remote scripts or execute code from untrusted external sources.
  • [INDIRECT_PROMPT_INJECTION]: The skill processes untrusted content from invoice PDFs. However, the instructions include strict 'Hard Fail' rules that prohibit the agent from fabricating information or deviating from the source text, providing adequate mitigation for typical data-processing workflows.
Audit Metadata
Risk Level
SAFE
Analyzed
Jun 22, 2026, 04:28 PM
Security Audit — agent-trust-hub — invoice-organizer