budget-variance-tracker

Pass

Audited by Gen Agent Trust Hub on Feb 17, 2026

Risk Level: LOW | PROMPT_INJECTION | NO_CODE
Full Analysis
  • [Indirect Prompt Injection] (LOW): The skill processes external JSON data to generate financial insights, creating a potential vector for instructions embedded in the data to influence agent behavior.
    ● Ingestion points: The input argument in SKILL.md specifies a path to external JSON data.
    ● Boundary markers: Absent; there are no instructions to delimit or ignore instructions within the JSON.
    ● Capability inventory: Reading local files and providing natural language analysis.
    ● Sanitization: Not specified in the metadata.
  • [Data Exposure] (LOW): Use of file path arguments (input, out) allows the agent to interact with the local file system.
  • [No Code] (INFO): No implementation logic or scripts were provided; analysis is limited to the interface definition in the markdown file.
Audit Metadata
Risk Level: LOW
Analyzed: Feb 17, 2026, 12:03 AM