3-statement-model

Pass

Audited by Gen Agent Trust Hub on Apr 2, 2026

Risk Level: SAFE
PROMPT_INJECTION, COMMAND_EXECUTION
Full Analysis
  • [PROMPT_INJECTION]: The skill possesses an indirect prompt injection surface.
      • Ingestion points: Financial data and templates are ingested from external sources and SEC filings (SKILL.md, references/sec-filings.md).
      • Boundary markers: No explicit delimiters or boundary markers for untrusted data are provided.
      • Capability inventory: The skill uses Office JS and openpyxl to write to files and navigate workbooks.
      • Sanitization: While no specific data sanitization is described, the skill mandates a multi-step human-in-the-loop validation process and automated integrity checks (Steps 4, 5, and 6) to verify all outputs.
  • [COMMAND_EXECUTION]: The skill instructions reference a script named recalc.py to handle workbook recalculation when generating files via the openpyxl library. This is standard functionality for that library and is used to ensure mathematical integrity in programmatically generated models.
Audit Metadata
  • Risk Level: SAFE
  • Analyzed: Apr 2, 2026, 01:51 AM