invoice-system
Pass
Audited by Gen Agent Trust Hub on Mar 7, 2026
Risk Level: SAFENO_CODE
Full Analysis
- [NO_CODE]: The skill is composed exclusively of Markdown files, including SKILL.md and eight reference documents in the references/ directory. There are no Python, JavaScript, or shell scripts included in the package.
- [PROMPT_INJECTION]: The instructions within SKILL.md and the reference files are strictly informational. There are no attempts to override system prompts, bypass safety filters, or use adversarial language to manipulate the agent's behavior.
- [DATA_EXFILTRATION]: No network access commands (such as curl or wget) or sensitive file path references (such as SSH keys or environment variables) were detected. The skill does not request or handle private user data.
- [EXTERNAL_DOWNLOADS]: The skill does not define any external dependencies or download remote code during execution. All reference materials are stored locally as static text files.
- [SAFE]: The skill operates entirely as a documentation repository. Its contents align perfectly with the stated purpose of providing tax-related guidance, and it follows established best practices for agent skills without introducing security risks.
Audit Metadata