invoice-organizer

Pass

Audited by Gen Agent Trust Hub on Mar 17, 2026

Risk Level: SAFE | PROMPT_INJECTION | COMMAND_EXECUTION
Full Analysis
  • [PROMPT_INJECTION]: The skill processes untrusted external data from invoices and receipts, which serves as an indirect prompt injection surface.
      • Ingestion points: Extracts data from PDF, JPG, and PNG files located in user-provided directories using text extraction and OCR.
      • Boundary markers: The instructions do not define specific delimiters or instructions to prevent the agent from interpreting text within the processed documents as commands.
      • Capability inventory: The skill utilizes file system commands including find, mkdir, cp, and mv to restructure directories.
      • Sanitization: No explicit sanitization or validation of the extracted vendor names, dates, or descriptions is defined before they are used in file naming and folder creation.
  • [COMMAND_EXECUTION]: The skill relies on executing shell commands to perform its core file management and search tasks.
      • Evidence: Employs find to scan for documents and mkdir, cp, and mv to organize files based on information extracted from potentially adversarial document content.
Audit Metadata
Risk Level: SAFE
Analyzed: Mar 17, 2026, 12:21 AM