invoice-organizer

Pass

Audited by Gen Agent Trust Hub on Mar 29, 2026

Risk Level: SAFE
Full Analysis
  • [COMMAND_EXECUTION]: The skill uses standard shell utilities (find, mkdir, cp, mv) to manage local files. These operations are restricted to the local filesystem and serve the intended purpose of document organization.
  • [PROMPT_INJECTION]: The skill has an indirect prompt injection surface because it reads text from untrusted external files (PDFs and images).
      • Ingestion points: Data is extracted from user-supplied invoice and receipt files (SKILL.md).
      • Boundary markers: None are explicitly used when processing extracted text content.
      • Capability inventory: File system modification via mkdir, cp, and mv commands.
      • Sanitization: The skill provides instructions to 'Remove special characters except hyphens' during filename generation, mitigating potential command injection risks from malicious file content.
Audit Metadata
Risk Level: SAFE
Analyzed: Mar 29, 2026, 09:21 PM