odoo-month-end-close

Pass

Audited by Gen Agent Trust Hub on Jul 2, 2026

Risk Level: SAFEPROMPT_INJECTION
Full Analysis
  • [PROMPT_INJECTION]: The skill is designed to ingest and process external accounting data from an Odoo database, which represents an indirect prompt injection surface where record content could attempt to influence agent logic.
  • Ingestion points: Data is retrieved from Odoo records using search_records and aggregate_records as described in SKILL.md.
  • Boundary markers: The skill contains explicit 'Hard rules' and playbook steps (Step 6) that mandate human sign-off for every modification or state change.
  • Capability inventory: The agent has the capability to modify database records via execute_approved_write and post to communication logs via chatter_post.
  • Sanitization: The workflow incorporates a human review checkpoint where the agent must present a preview_write diff for approval before executing any permanent changes.
Audit Metadata
Risk Level
SAFE
Analyzed
Jul 2, 2026, 05:44 PM
Security Audit — agent-trust-hub — odoo-month-end-close