israeli-receipt-scanner

Pass

Audited by Gen Agent Trust Hub on Apr 16, 2026

Risk Level: SAFE
PROMPT_INJECTION
Full Analysis
  • [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection because it processes untrusted data from receipts (images or OCR text) that could contain malicious instructions.
      • Ingestion points: Untrusted receipt images and raw OCR text are processed in SKILL.md (Step 1) and SKILL_HE.md (Step 1).
      • Boundary markers: Absent. The skill does not instruct the agent to use delimiters or ignore instructions found within the receipt data.
      • Capability inventory: The skill environment allows powerful operations including Bash(python:*), WebFetch, and file system modifications (Read, Edit, Write) as defined in the frontmatter of SKILL.md.
      • Sanitization: Absent. There is no mention of validating or escaping the extracted text before it is processed by the agent.
Audit Metadata
  • Risk Level: SAFE
  • Analyzed: Apr 16, 2026, 01:00 AM