financials-normalizer
Pass
Audited by Gen Agent Trust Hub on Jun 16, 2026
Risk Level: SAFE
Full Analysis
- Data Processing Workflow: The skill coordinates several local Python scripts to transform, normalize, and validate financial data from source materials into standardized CSV and XLSX outputs. This represents a well-structured approach to data management.
- Subprocess Execution: The skill invokes specific local scripts (
normalize_extracted_financials.py,validate_normalized_financials.py) to perform its core functions. These scripts utilize standard Python libraries for file I/O and data parsing, such ascsvandjson. - Input Ingestion: The skill is designed to ingest user-provided financial documents (PDFs, XLSX, CSV). While this constitutes an indirect prompt injection surface, the risk is addressed through explicit validation scripts and QA protocols defined in the reference documentation.
- Credential Management: No hardcoded credentials or unsafe secret handling practices were identified. The skill correctly instructs users to manage source reliability and freshness through a source index.
- Resource Management: The skill references shared workflow components (e.g.,
../../shared/workflow-source-resolution.md), which is standard practice for modular skill architectures within the vendor's environment.
Audit Metadata