transfer-pricing-review
Pass
Audited by Gen Agent Trust Hub on Jun 16, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill is a legitimate template for financial auditing. It follows a standard professional workflow for transfer pricing reviews, including price comparison and risk evaluation, with no evidence of malicious intent or hidden code.
- [DATA_EXFILTRATION]: The skill processes sensitive intercompany financial data (transaction amounts, pricing methods, and internal records) from systems like ERP and IC. This is the primary and intended function of the skill; no unauthorized network exfiltration patterns or suspicious data transmission commands were detected.
- [PROMPT_INJECTION]: The skill ingests data from external sources, including ERP records and a project configuration file (
../../CLAUDE.md). While it lacks specific boundary markers (like XML tags) to isolate untrusted data, this represents a typical design for data-analysis skills and does not constitute a malicious finding in this context.
Audit Metadata