tgw-invoice-reimbursement
Pass
Audited by Gen Agent Trust Hub on Jun 29, 2026
Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADS
Full Analysis
- [COMMAND_EXECUTION]: The skill uses a local Python script (
scripts/invoice_reimbursement.py) to parse PDF text and generate spreadsheets. This script uses standard libraries and does not invoke shell commands with untrusted input. - [EXTERNAL_DOWNLOADS]: The skill identifies dependencies on well-known and trusted Python packages
openpyxlandpdfminer.sixfor handling Excel files and PDF extraction. - [DATA_EXFILTRATION]: No network exfiltration or unauthorized data access was detected. The script is designed to process local files in user-specified directories and includes explicit instructions against uploading data to external services.
- [PROMPT_INJECTION]: No malicious prompt injection patterns were found. The skill's instructions focus on maintaining operational boundaries and adhering to privacy guidelines.
Audit Metadata