The Agent Skills Directory

[SAFE] (SAFE): No malicious patterns or security risks were identified in the analyzed content. The Python code snippets are illustrative and do not perform any dangerous operations.
[Category 2: Data Exposure & Exfiltration] (SAFE): No hardcoded credentials, sensitive file paths, or unauthorized network operations were found.
[Category 4: Unverifiable Dependencies] (SAFE): The skill does not define or install any external packages or remote scripts.
[Category 8: Indirect Prompt Injection] (LOW): The skill defines a surface area for processing external invoice data, which is a common vector for indirect injection. However, it incorporates validation steps and follows standard business logic.
Ingestion points: process_invoice method in SKILL.md processes invoice data through OCR.
Boundary markers: Not explicitly defined in the provided snippets.
Capability inventory: Includes database querying (duplicate detection) and routing for payment/approval.
Sanitization: Includes a validate_invoice_data call intended to verify extracted data structure.
[Category 10: Dynamic Execution] (SAFE): No runtime code generation or unsafe deserialization patterns were detected.

accounts-payable-workflow