cost-verification-auditor
Pass
Audited by Gen Agent Trust Hub on Mar 5, 2026
Risk Level: SAFEPROMPT_INJECTIONNO_CODE
Full Analysis
- [PROMPT_INJECTION]: The skill possesses a surface for indirect prompt injection.
- Ingestion points: The skill is designed to analyze external data including token estimates and actual API usage logs from files or tool outputs.
- Boundary markers: There are no explicit delimiters or instructions defined to prevent the agent from following prompts hidden within the audited usage data.
- Capability inventory: The skill is configured with 'Bash', 'Read', and 'Write' tool access, allowing for file system and shell operations.
- Sanitization: No input validation or sanitization of the audited data is specified in the documentation.
- [NO_CODE]: No executable scripts or source code files are included with the skill. The provided logic consists of documentation, guidelines, and non-executable pseudo-code snippets.
Audit Metadata