invoice-organizer
Pass
Audited by Gen Agent Trust Hub on Mar 1, 2026
Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: Uses standard shell utilities like
find,mkdir,cp, andmvto automate the discovery and organization of invoice files within user-specified directories.- [PROMPT_INJECTION]: The skill possesses a surface for indirect prompt injection due to its core function of processing untrusted text from external documents. - Ingestion points: The agent extracts data from user-provided PDF, JPG, and PNG files located in local folders.
- Boundary markers: Instructions do not provide explicit delimiters or warnings to treat the extracted content strictly as passive data, increasing the risk of the agent following instructions found inside the invoices.
- Capability inventory: The skill can perform file discovery and move/copy files via shell commands.
- Sanitization: While it mentions basic filename sanitization, it does not detail specific validation or filtering for extracted text before it enters the agent context.
Audit Metadata