invoice-chase
Pass
Audited by Gen Agent Trust Hub on Jun 18, 2026
Risk Level: SAFENO_CODEPROMPT_INJECTION
Full Analysis
- [NO_CODE]: The skill consists entirely of Markdown instructions and documentation; it contains no executable code, scripts, or binaries.
- [PROMPT_INJECTION]: The skill presents an indirect prompt injection surface as it ingests data from external accounting and payment systems.
- Ingestion points: Financial reports, invoices, and payment history retrieved via platform tools or user-provided files.
- Boundary markers: No explicit delimiters are specified for the incoming data.
- Capability inventory: The agent has the capability to send messages via email and messaging tools.
- Sanitization: This risk is effectively mitigated by mandatory 'approval gates' that require the owner to explicitly review and confirm every draft before any external action is taken.
- [SAFE]: The skill follows security best practices by enforcing human review for all external communications and verifying recent transactions to ensure data accuracy before contacting clients.
Audit Metadata