financial-statements
Pass
Audited by Gen Agent Trust Hub on Apr 13, 2026
Risk Level: SAFENO_CODE
Full Analysis
- [SAFE]: No malicious instructions, obfuscation, or unauthorized data access patterns were identified in the analyzed files.
- [NO_CODE]: The skill consists entirely of Markdown-based guidelines and does not contain any scripts, binaries, or automated command execution logic.
- [EXTERNAL_DOWNLOADS]: The skill includes references to official South Korean institutional websites such as the Korea Accounting Standards Board (kasb.or.kr), the Financial Supervisory Service (dart.fss.or.kr), and the National Tax Service (nts.go.kr). These are well-known and legitimate sources for financial compliance and regulatory data.
- [PROMPT_INJECTION]: The skill demonstrates an indirect prompt injection surface as it is designed to process external financial documents provided by users.
- Ingestion points: Prior year financial statements and transaction data requested in the 'Problem Solving' section of SKILL.md.
- Boundary markers: None present; the instructions do not define delimiters for user-provided data.
- Capability inventory: None; the skill configuration does not request or authorize the use of shell commands, filesystem access, or network tools.
- Sanitization: None; there are no instructions for validating or escaping content within the provided financial documents.
- Assessment: Since the skill lacks any dangerous execution capabilities (no tools or scripts), the presence of this ingestion surface does not pose a functional security risk.
Audit Metadata