freee-api-skill

Pass

Audited by Gen Agent Trust Hub on May 19, 2026

Risk Level: SAFE
Full Analysis
  • [COMMAND_EXECUTION]: The skill documents the use of standard MCP tools (e.g., freee_api_get, freee_api_post) to interact with freee services. These tools are used as intended for data retrieval and submission within the scoped environment.
  • [EXTERNAL_DOWNLOADS]: The documentation references official vendor packages freee-mcp and freee-sign-mcp from the npm registry. These are legitimate resources authored by the vendor for setting up the required MCP server environment.
  • [DATA_EXFILTRATION]: No unauthorized data access or exfiltration patterns were found. The skill facilitates interactions with the user's own freee account through authenticated API endpoints on the vendor's official domains.
  • [PROMPT_INJECTION]: No malicious prompt injection attempts were detected. Instructions provided to the agent are consistent with the stated purpose of assisting users with freee-related tasks.
  • [NO_CODE]: The skill primarily consists of markdown documentation and JSON evaluation files. It does not include executable scripts or logic that would run automatically on the agent's host system without user initiation during the setup phase.
Audit Metadata
Risk Level
SAFE
Analyzed
May 19, 2026, 02:23 AM
Security Audit — agent-trust-hub — freee-api-skill