extract-bank-statement
Pass
Audited by Gen Agent Trust Hub on Jul 8, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: Indirect prompt injection surface detected. The skill is designed to ingest and process data from external, untrusted bank statement files (PDF and CSV).
- Ingestion points:
SKILL.md(Step 0, Step 2, Step 5) identifies reading and parsing user-provided bank documents. - Boundary markers: None explicitly defined to isolate input data from instructional context.
- Capability inventory:
SKILL.mdinstructions include executing local Python scripts via subprocess calls and writing data to.xlsxand.jsonfiles on the local file system. - Sanitization: The skill employs mitigation strategies such as using programmatic text extraction (
pdfplumber) and regex adapters instead of direct LLM vision/text interpretation, and includes mandatory balance-proof reconciliation to detect data manipulation or parsing errors.
Audit Metadata