pp-monarch-money
Pass
Audited by Gen Agent Trust Hub on Jun 15, 2026
Risk Level: SAFE
EXTERNAL_DOWNLOADS, COMMAND_EXECUTION, DATA_EXFILTRATION, PROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill instructs the installation of the `monarch-money-pp-cli` tool using NPM (@mvanhorn/printing-press-library) or Go (github.com/mvanhorn/printing-press-library). These resources belong to the vendor and represent standard installation procedures for the skill's dependencies.
- [COMMAND_EXECUTION]: The skill is designed to drive the `monarch-money-pp-cli` binary. It executes various subcommands for data retrieval (accounts, tags, transactions, cashflow) and data modification (transactions create/update/delete). Modification commands are protected by a mandatory dry-run step unless the `--yes` flag is explicitly provided.
- [DATA_EXFILTRATION]: The CLI tool facilitates communication with Monarch Money's external GraphQL API to manage financial data. This network activity is the primary intended purpose of the skill.
- [PROMPT_INJECTION]: The skill creates a surface for indirect prompt injection as it retrieves data from an external source (Monarch Money). If a transaction note or merchant name contains malicious instructions and the agent processes this data without sufficient sanitization, it could influence the agent's subsequent behavior.
Audit Metadata