money-finance

Pass

Audited by Gen Agent Trust Hub on May 16, 2026

Risk Level: SAFE
Full Analysis
  • [SAFE]: No malicious patterns or security vulnerabilities were identified in the skill.
  • [DATA_EXFILTRATION]: While the skill mentions integration with Stripe and other internal modules (such as /money-ads and /money-outreach) to pull revenue and expense data, it does not contain hardcoded credentials, sensitive local file access, or unauthorized data transmission logic.
  • [PROMPT_INJECTION]: The skill processes financial data from external sources (Stripe, marketing tools) to generate reports. This represents an indirect injection surface. * Ingestion points: Revenue data from Stripe integration, spend data from /money-ads, acquisition data from /money-outreach, and content ROI from /money-content. * Boundary markers: None explicitly defined for external data interpolation. * Capability inventory: No subprocess calls, file-write operations, or network exfiltration patterns are present in the provided instructions; behavior is limited to data presentation and report generation. * Sanitization: Not specified, however, the skill primarily uses data for arithmetic calculation and dashboard population.
Audit Metadata
Risk Level
SAFE
Analyzed
May 16, 2026, 03:34 PM
Security Audit — agent-trust-hub — money-finance