income-tax
Pass
Audited by Gen Agent Trust Hub on Mar 7, 2026
Risk Level: SAFE, PROMPT_INJECTION, COMMAND_EXECUTION
Full Analysis
- [COMMAND_EXECUTION]: The skill invokes local CLI commands such as `shinkoku tax calc-income` and `shinkoku import import-withholding` to manage tax data and calculations. These commands are part of the vendor's specialized toolset and operate on local JSON inputs.
- [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection due to its document processing workflow.
  - Ingestion points: External data enters the context via OCR extraction from documents like withholding slips and insurance certificates.
  - Boundary markers: The prompt does not specify the use of delimiters or 'ignore' instructions for the data extracted from OCR.
  - Capability inventory: The skill can execute shell commands via the `shinkoku` tool and perform file operations using Read/Write tools.
  - Sanitization: Although the skill uses a dual-verification mechanism to ensure the correctness of extracted numbers, it lacks specific sanitization or filtering to prevent the interpretation of malicious instructions embedded in document text.
Audit Metadata