spendguard-strict-budget-runner
Pass
Audited by Gen Agent Trust Hub on Feb 19, 2026
Risk Level: SAFE
Full Analysis
- [DATA_EXFILTRATION] (SAFE): The script 'scripts/bootstrap_strict_budget.py' transmits API credentials to the 'base_url' for authentication. This is a functional requirement for interacting with the SpendGuard service.
- [EXTERNAL_DOWNLOADS] (SAFE): The quickstart documentation references downloading pricing schemas from 'api.cynsta.com', which is the official source for the service described.
- [PROMPT_INJECTION] (SAFE): The skill possesses a data ingestion surface through API responses in 'scripts/bootstrap_strict_budget.py'. 1. Ingestion point: 'scripts/bootstrap_strict_budget.py'. 2. Boundary markers: Absent. 3. Capability inventory: Network operations. 4. Sanitization: Absent. The risk is considered SAFE as the data is used for reporting rather than control flow.
Audit Metadata