plaid-integration

Pass

Audited by Gen Agent Trust Hub on Mar 10, 2026

Risk Level: SAFE
Full Analysis
  • [DATA_EXFILTRATION]: The skill's primary function is to fetch and store sensitive financial data, including bank account details and transaction history, from the Plaid API. This behavior is the stated purpose of the skill and uses official endpoints.
  • [CREDENTIALS_UNSAFE]: The provided code examples demonstrate storing Plaid access_token values in a local SQLite database (plaid.db). These tokens grant persistent access to linked financial accounts and should be handled securely by the user.
  • [EXTERNAL_DOWNLOADS]: The skill references and uses the official Plaid Link SDK hosted on Plaid's CDN (https://cdn.plaid.com/link/v2/stable/link-initialize.js). This is a trusted and standard component for the integration flow.
  • [PROMPT_INJECTION]: The skill has an indirect prompt injection surface as it processes external data from the Plaid API. Ingestion points: Financial data returned by transactionsGet and accountsGet endpoints. Boundary markers: No explicit delimiters or instructions are used to ignore embedded commands in the fetched data. Capability inventory: The skill performs local file system writes and network operations. Sanitization: The implementation uses prepared statements to prevent SQL injection, though it does not explicitly sanitize the text content for LLM-specific injection patterns.
Audit Metadata
Risk Level: SAFE
Analyzed: Mar 10, 2026, 03:57 AM