my-cash-position
Pass
Audited by Gen Agent Trust Hub on Apr 14, 2026
Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill executes a local Python script (
scripts/parse_cash_position.py) using an absolute path to a specific virtual environment (/Users/ash/Documents/eoash/.venv/bin/python). - [PROMPT_INJECTION]: The skill processes untrusted data from external files (Excel, CSV, and XLS) located in the user's downloads directory, which represents an indirect prompt injection surface.
- Ingestion points: Reads files from
~/Downloads/matching various patterns (e.g.,Chase*.CSV,주식회사*.xlsx,ExcelSheet*.xls). - Boundary markers: No boundary markers or 'ignore instructions' delimiters are defined for the content of these processed files to prevent command or prompt injection.
- Capability inventory: The skill executes local Python scripts and performs network operations to interact with Plaid and Google APIs.
- Sanitization: There is no documented evidence of content sanitization or validation for the data ingested from the external spreadsheets before it is processed by the script.
Audit Metadata