invoice-organizer
Pass
Audited by Gen Agent Trust Hub on Mar 13, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill processes untrusted data from invoices and receipts, which creates a risk of indirect prompt injection. Malicious content within these documents could be used to manipulate the agent's behavior during data extraction or file organization.
- Ingestion points: PDF, JPG, and PNG files located in user-specified folders (SKILL.md).
- Boundary markers: Absent. The skill does not provide instructions for the agent to use delimiters or to ignore instructions found within the documents being processed.
- Capability inventory: The skill uses shell commands like
find,mkdir,cp, andmvto organize files (SKILL.md). - Sanitization: Absent. The instructions do not require the agent to sanitize or validate extracted text (such as vendor names) before using it in filenames or directory paths.
Audit Metadata