invoice-organizer
Pass
Audited by Gen Agent Trust Hub on Mar 11, 2026
Risk Level: SAFEPROMPT_INJECTIONCOMMAND_EXECUTION
Full Analysis
- [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection by processing external data from untrusted invoices.
- Ingestion points: Scans and reads PDF, JPG, and PNG files from the local file system (SKILL.md).
- Boundary markers: No explicit delimiters or safety instructions are provided to separate document content from the agent's logic.
- Capability inventory: The agent can execute shell commands (find, mkdir, cp, mv) and generate CSV files.
- Sanitization: No sanitization or validation of extracted text is mentioned before it is used in filenames or summary reports.
- [COMMAND_EXECUTION]: The skill relies on shell commands to perform file discovery and organization.
- Evidence: Instructions specify the use of find, mkdir, cp, and mv commands for scanning, creating directories, and moving/copying files.
Audit Metadata