tgw-invoice-reimbursement

Pass

Audited by Gen Agent Trust Hub on Jun 29, 2026

Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADS
Full Analysis
  • [COMMAND_EXECUTION]: The skill uses a local Python script (scripts/invoice_reimbursement.py) to parse PDF text and generate spreadsheets. This script uses standard libraries and does not invoke shell commands with untrusted input.
  • [EXTERNAL_DOWNLOADS]: The skill identifies dependencies on well-known and trusted Python packages openpyxl and pdfminer.six for handling Excel files and PDF extraction.
  • [DATA_EXFILTRATION]: No network exfiltration or unauthorized data access was detected. The script is designed to process local files in user-specified directories and includes explicit instructions against uploading data to external services.
  • [PROMPT_INJECTION]: No malicious prompt injection patterns were found. The skill's instructions focus on maintaining operational boundaries and adhering to privacy guidelines.
Audit Metadata
Risk Level
SAFE
Analyzed
Jun 29, 2026, 02:26 AM
Security Audit — agent-trust-hub — tgw-invoice-reimbursement