Expense Tracker
Pass
Audited by Gen Agent Trust Hub on Mar 9, 2026
Risk Level: SAFENO_CODE
Full Analysis
- [NO_CODE]: The skill is composed entirely of YAML configuration and Markdown documentation defining finance workflows. It does not contain any executable scripts (Python, Node.js), binaries, or shell commands.
- [SAFE]: The skill integrates with well-known accounting and expense management services such as Expensify, SAP Concur, and QuickBooks. The logic described for policy compliance and approval matrices is consistent with standard business practices and lacks any signs of prompt injection, data exfiltration, or malicious persistence mechanisms. While the skill possesses an attack surface for indirect prompt injection due to processing receipt OCR data and having write-access capabilities to accounting software, this is a functional requirement for the task and no malicious exploitation patterns were found in the templates provided.
Audit Metadata