carf-dac8-crypto-asset-reporting

Pass

Audited by Gen Agent Trust Hub on Mar 21, 2026

Risk Level: SAFE
Full Analysis
  • [SAFE]: The skill performs local processing of tax and transaction data. It follows security best practices by using the defusedxml library to prevent XML External Entity (XXE) attacks when parsing report files.
  • [EXTERNAL_DOWNLOADS]: The skill makes network requests to api.serendb.com to validate API keys and check account balances. These operations are performed against the vendor's own infrastructure and are consistent with the skill's documented functionality.
  • [DATA_EXFILTRATION]: While the skill can persist reconciliation data to a PostgreSQL database via the SERENDB_URL environment variable, this is an optional and documented feature for maintaining audit trails. No evidence of unauthorized data transmission was found.
Audit Metadata
Risk Level: SAFE
Analyzed: Mar 21, 2026, 02:44 AM