stripe-import
Pass
Audited by Gen Agent Trust Hub on Apr 14, 2026
Risk Level: SAFENO_CODEPROMPT_INJECTION
Full Analysis
- [SAFE]: The skill provides clear instructions for importing financial data from Stripe CSV exports. It includes logic to prevent duplicates and defines column mappings. No malicious patterns or unauthorized commands were detected.\n- [NO_CODE]: The skill consists entirely of markdown instructions and YAML configuration. No executable scripts, binaries, or source code files were included for analysis.\n- [PROMPT_INJECTION]: The skill has an indirect prompt injection surface as it processes external CSV data. The risk is minimized by the skill's restricted scope and reliance on platform-provided tools.\n
- Ingestion points: CSV data via user-provided file path (SKILL.md).\n
- Boundary markers: None; relies on CSV format structure.\n
- Capability inventory:
transaction_search,categorize, andexport_transactions(platform tools).\n - Sanitization: Header validation and row filtering by type and status.
Audit Metadata