tax-filing

Pass

Audited by Gen Agent Trust Hub on Apr 15, 2026

Risk Level: SAFE
COMMAND_EXECUTION, EXTERNAL_DOWNLOADS, PROMPT_INJECTION
Full Analysis
  • [EXTERNAL_DOWNLOADS]: The skill downloads blank tax forms and instructional data from official government websites, including IRS.gov and FTB.ca.gov.
  • [COMMAND_EXECUTION]: Performs local execution of Python scripts for field discovery, form filling, and verification. It also utilizes inline Python code for text extraction from user-provided PDF files.
  • [PROMPT_INJECTION]: The skill ingests untrusted data from user documents (W-2s, 1099s, CSVs), which represents an indirect prompt injection surface where embedded content could attempt to influence the agent's logic during extraction.
      • Ingestion points: Files loaded from the source/ directory.
      • Boundary markers: None explicitly implemented for the text extraction phase.
      • Capability inventory: Local file system read/write, network access (HTTPS) for form acquisition, and execution of local Python scripts.
      • Sanitization: Extracted document text is stored and processed without explicit sanitization or validation steps.
Audit Metadata
  • Risk Level: SAFE
  • Analyzed: Apr 15, 2026, 10:25 PM