invoice-organizer
Pass
Audited by Gen Agent Trust Hub on Jun 22, 2026
Risk Level: SAFECOMMAND_EXECUTION
Full Analysis
- [COMMAND_EXECUTION]: The skill includes a Python script (
scripts/extract_invoice.py) that executes thepdftotextcommand-line utility. The implementation uses a list of arguments for thesubprocess.runcall, which is the recommended secure practice to prevent shell injection vulnerabilities when handling file paths. - [DATA_EXFILTRATION]: No network activity was detected in any of the scripts or instructions. The skill is designed to process data locally, reading from PDF files and project documentation to generate internal reimbursement lists and archive files within the local filesystem.
- [EXTERNAL_DOWNLOADS]: The documentation references
poppler(which providespdftotext) as a system dependency. This is a widely used and trusted open-source PDF utility. The skill does not attempt to download unverified remote scripts or execute code from untrusted external sources. - [INDIRECT_PROMPT_INJECTION]: The skill processes untrusted content from invoice PDFs. However, the instructions include strict 'Hard Fail' rules that prohibit the agent from fabricating information or deviating from the source text, providing adequate mitigation for typical data-processing workflows.
Audit Metadata