skills/fiscal-sh/fscl/fiscal/Gen Agent Trust Hub

fiscal

Pass

Audited by Gen Agent Trust Hub on Feb 24, 2026

Risk Level: SAFE, COMMAND_EXECUTION, PROMPT_INJECTION, REMOTE_CODE_EXECUTION
Full Analysis
  • [SAFE]: No malicious code, obfuscation, or persistence mechanisms were detected. The skill's behavior aligns perfectly with its documentation and its primary purpose of managing Actual Budget via the CLI.
  • [COMMAND_EXECUTION]: The skill interfaces with the 'fscl' binary to perform financial operations. Commands are used to manage accounts, transactions, and categories, which is the core intended functionality of the skill.
  • [PROMPT_INJECTION]: The skill processes untrusted bank transaction data, which presents an indirect prompt injection surface.
      • Ingestion points: Bank files (CSV, OFX, QIF, CAMT) are imported via the 'fscl transactions import' command as described in 'references/import-guide.md'.
      • Boundary markers: The skill relies on CLI JSON output but does not explicitly define delimiters for individual data fields within its instructions.
      • Capability inventory: The agent can execute 'fscl' commands, write local draft files, and synchronize with a remote budget server.
      • Sanitization: The skill does not explicitly mention sanitization of transaction field content, relying on the underlying 'fscl' tool's parsing.
  • [REMOTE_CODE_EXECUTION]: The skill supports dynamic execution through ActualQL queries and transaction rules with formulas. These capabilities are part of the standard 'fscl' feature set and are used for routine reporting and automation tasks.
Audit Metadata
  • Risk Level: SAFE
  • Analyzed: Feb 24, 2026, 06:37 PM