receipt-scanner
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFE
Full Analysis
- [Indirect Prompt Injection] (LOW): The skill processes untrusted image data via OCR. Malicious text embedded within a receipt could potentially influence an agent if it blindly trusts the extracted 'vendor' or 'item' names as instructions.
- Ingestion points:
receipt_scanner.py(viacv2.imreadandpytesseract.image_to_string). - Boundary markers: Absent in text extraction.
- Capability inventory: Local file read and JSON write.
- Sanitization: None; output is raw OCR text formatted by regex.
- [Unverifiable Dependencies] (SAFE): The dependencies (pytesseract, opencv-python, pandas, pillow) are industry-standard libraries for image processing and data analysis.
- [Data Exposure & Exfiltration] (SAFE): No network requests or access to sensitive local directories (e.g., ~/.ssh) were found. The script only interacts with the user-provided input and output paths.
Audit Metadata