invoice
Pass
Audited by Gen Agent Trust Hub on Mar 9, 2026
Risk Level: SAFEPROMPT_INJECTIONEXTERNAL_DOWNLOADSCOMMAND_EXECUTION
Full Analysis
- [PROMPT_INJECTION]: The skill exhibits an indirect prompt injection surface by ingesting untrusted work log text from users and interpolating it into HTML templates without explicit sanitization or escaping. This could allow malicious content to be included in the generated HTML invoice files. Ingestion point: User-pasted work log text (SKILL.md). Boundary markers: Absent. Capability inventory: Local file writing (SKILL.md). Sanitization: Absent.\n- [EXTERNAL_DOWNLOADS]: The invoice templates reference the Inter font family from Google's official font service, which is a trusted provider.\n- [COMMAND_EXECUTION]: The skill performs local file system operations by saving generated HTML invoice files to a hardcoded path on the user's desktop (/Users/arlenagreer/Desktop/).
Audit Metadata