fin-guru-checklist
Pass
Audited by Gen Agent Trust Hub on Feb 22, 2026
Risk Level: SAFENO_CODE
Full Analysis
- [NO_CODE] (SAFE): The skill consists entirely of markdown-based instructions for the AI agent and does not include any scripts or executable files.
- [Indirect Prompt Injection] (LOW): The skill reads checklist data from local files at {project-root}/fin-guru/checklists/. This presents a potential surface for indirect prompt injection if those files are controlled by an untrusted party. Evidence Chain: 1. Ingestion points: {project-root}/fin-guru/checklists/ 2. Boundary markers: Absent 3. Capability inventory: None (no scripts present) 4. Sanitization: Absent
Audit Metadata