recurring-transactions
Pass
Audited by Gen Agent Trust Hub on Mar 21, 2026
Risk Level: SAFE
Full Analysis
- [COMMAND_EXECUTION]: The script `scripts/run.py` executes the `seren` CLI tool to resolve database connectivity details. The execution uses controlled arguments derived from configuration.
- [DATA_EXFILTRATION]: The skill communicates with a user-defined PostgreSQL database to retrieve transaction history. This behavior is consistent with the skill's primary function and does not involve unauthorized data transfer.
- [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection as it processes raw transaction descriptions from bank data and incorporates them into reports. Evidence chain: (1) Ingestion points: `scripts/run.py` retrieves transaction descriptions from the `wf_transactions` table. (2) Boundary markers: The generated Markdown reports do not use explicit delimiters or warnings to isolate untrusted data. (3) Capability inventory: The skill can write to the local filesystem and the configured database. (4) Sanitization: Basic payee normalization is performed in `scripts/recurring_detector.py` using regular expressions.
Audit Metadata