expense-report
Pass
Audited by Gen Agent Trust Hub on May 13, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill performs its primary function of expense report generation without accessing sensitive system files or making unauthorized network connections.
- [PROMPT_INJECTION]: The skill processes untrusted receipt data, creating a surface for indirect prompt injection. However, the risk is minimal as the agent's task is limited to structured data extraction.
- Ingestion points: Processes user-provided receipt files from identified folders in
SKILL.md. - Boundary markers: Not specified.
- Capability inventory: File system read/write and task scheduling.
- Sanitization: Not specified.
- [COMMAND_EXECUTION]: The skill includes a feature to schedule recurring reports. This is a functional requirement for the skill and is implemented as a user-approved workflow.
Audit Metadata