moneybird

Pass

Audited by Gen Agent Trust Hub on Apr 27, 2026

Risk Level: SAFE
PROMPT_INJECTION
Full Analysis
  • [PROMPT_INJECTION]: The skill instructions enable the agent to ingest external data from Moneybird, which creates a surface for indirect prompt injection.
    • Ingestion points: The agent retrieves data such as invoices, bills, and customer records from the Moneybird API via Apideck.
    • Boundary markers: The skill does not specify the use of delimiters or instructions for the agent to ignore embedded commands within the retrieved accounting data.
    • Capability inventory: The agent is given instructions on how to perform both read and write operations across various accounting resources.
    • Sanitization: No data validation or sanitization procedures are described for handling content returned from the external API.
Audit Metadata
  Risk Level: SAFE
  Analyzed: Apr 27, 2026, 05:59 PM