accounting-workflow
Pass
Audited by Gen Agent Trust Hub on Apr 4, 2026
Risk Level: SAFEDATA_EXFILTRATIONEXTERNAL_DOWNLOADSPROMPT_INJECTIONCOMMAND_EXECUTION
Full Analysis
- [DATA_EXFILTRATION]: The skill transmits the contents of PDF bank statements to the Reducto API (platform.reducto.ai) for OCR-based data extraction. This is a documented part of the processing workflow for scanned documents.\n- [EXTERNAL_DOWNLOADS]: Fetches processed transaction data and structured tables from Reducto's cloud infrastructure during the ingestion phase.\n- [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection via the bank statement processing surface. \n
- Ingestion points: Bank statement descriptions extracted in
scripts/extract_bank_statements_reference.py.\n - Boundary markers: None identified in the extraction or classification scripts.\n
- Capability inventory: Subprocess execution of Python scripts and file writing (Excel/PDF) in the
scripts/directory.\n - Sanitization: None; transaction descriptions are written directly to Excel cells in
scripts/build_workpapers_reference.pywithout escaping characters that trigger formulas (e.g.,=,+,-,@), creating a risk of formula injection when the generated workbook is opened.\n- [COMMAND_EXECUTION]: Utilizes theBashtool to run local Python scripts that handle core accounting logic, Excel generation, and PDF reporting.
Audit Metadata