TransactionSyncing
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFE
PROMPT_INJECTION
Full Analysis
- Indirect Prompt Injection (LOW): The skill processes data from Fidelity CSV files, which could contain adversarial strings intended to influence the agent's behavior during the sync process.
- Ingestion points: Transaction data is read from notebooks/transactions/History_for_Account_{account_id}.csv.
- Boundary markers: Absent. The parsed CSV values are used directly in logic and tool calls without delimiters.
- Capability inventory: The skill uses mcp__gdrive__sheets for reading and writing to spreadsheets and has access to local files.
- Sanitization: Descriptions are truncated to 50 characters, and transaction actions are mapped to a fixed set of simplified actions, reducing the available payload for potential injections.
- Data Exposure (SAFE): While the skill accesses sensitive financial CSVs and a user profile configuration, this access is necessary for its stated purpose and the data is only moved to the user's designated Google Sheet.
Audit Metadata