Invoice Organizer
Pass
Audited by Gen Agent Trust Hub on Mar 10, 2026
Risk Level: SAFEPROMPT_INJECTIONNO_CODE
Full Analysis
- [PROMPT_INJECTION]: The skill is vulnerable to indirect prompt injection because it processes external data without sufficient safeguards.
- Ingestion points: Data is ingested via
extract_text_from_pdfandread_xlsx(SKILL.md). - Boundary markers: Absent; there are no delimiters to separate untrusted data from system instructions.
- Capability inventory: The skill has the ability to write files using
create_xlsx(SKILL.md). - Sanitization: Absent; no validation or sanitization is performed on the data extracted from files.
- [NO_CODE]: The skill package does not contain any executable scripts or source code files, relying entirely on external MCP tools defined in the metadata.
Audit Metadata