moneta-reconcile
Pass
Audited by Gen Agent Trust Hub on Feb 27, 2026
Risk Level: SAFE
COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill provides examples that execute local shell commands using the 'pnpm' package manager (e.g., 'pnpm parse:all' and 'pnpm gains'). These commands trigger local scripts such as 'scripts/parse-all.ts' to process and reconcile data.
- [PROMPT_INJECTION]: The skill's architecture presents a surface for indirect prompt injection as it processes content from potentially untrusted external files.
  - Ingestion points: The skill loads source documents from the 'source/' directory and various transaction logs from the 'normalized/' folder.
  - Boundary markers: There are no explicit instructions or delimiters defined to prevent the agent from interpreting instructions that might be embedded within the accounting source files.
  - Capability inventory: The skill is capable of executing local shell commands via 'pnpm' and reading/reporting on numerous local files.
  - Sanitization: No sanitization or validation logic is specified to filter out non-data instructions from the ingested source files.