e-bookkeeping-compliance
Pass
Audited by Gen Agent Trust Hub on Mar 7, 2026
Risk Level: SAFE
COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill performs its primary function by executing shell commands using the shinkoku CLI utility. These commands are used to generate financial reports, search ledger entries, and inspect audit logs from a local database file.
- [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection because it processes and displays data retrieved from the database, which could contain malicious instructions.
  - Ingestion points: Data enters the agent's context through the output of shinkoku ledger search and shinkoku ledger audit-log in Step 1 and Step 2.
  - Boundary markers: The skill does not employ boundary markers or specific instructions to the agent to ignore any potential commands embedded within the retrieved database records.
  - Capability inventory: The agent is authorized to execute multiple shinkoku subcommands and read local documentation files.
  - Sanitization: There is no evidence of data sanitization or filtering applied to the database records before they are formatted into tables for the user.