rs-waybill

Pass

Audited by Gen Agent Trust Hub on Mar 1, 2026

Risk Level: SAFE
Tags: CREDENTIALS_UNSAFE, EXTERNAL_DOWNLOADS, PROMPT_INJECTION
Full Analysis
  • [CREDENTIALS_UNSAFE]: The skill contains hardcoded test credentials in README.md and SKILL.md (Username: tbilisi/satesto2, Password: 123456). These are explicitly documented as demonstration accounts for the Georgian Revenue Service sandbox environment.
  • [EXTERNAL_DOWNLOADS]: The README.md file provides installation instructions via npx skills add, which fetches the skill code from the author's GitHub repository (github.com/sepivip/claude-rs-ge-waybill-skill). This is a standard vendor-specific resource reference.
  • [PROMPT_INJECTION]: The SKILL.md file contains instructions using "CRITICAL" and "WARNING" headers to emphasize technical field requirements (e.g., mandatory empty fields for Type 3 waybills). These are benign technical constraints of the RS.GE SOAP API and do not attempt to bypass the AI agent's safety guidelines.
  • [PROMPT_INJECTION]: The skill presents an indirect prompt injection surface by processing data from an external government API.
      • Ingestion points: The skill retrieves waybill lists, goods descriptions, and entity names from the RS.GE SOAP service at https://services.rs.ge/WayBillService/WayBillService.asmx (references/api-methods.md).
      • Boundary markers: No specific boundary markers or delimiters for external data are defined in the provided documentation.
      • Capability inventory: The skill documentation enables the agent to perform SOAP operations for creating, querying, and managing financial documents and entity records.
      • Sanitization: There is no mention of input validation or XML response sanitization in the skill instructions.
Audit Metadata
Risk Level: SAFE
Analyzed: Mar 1, 2026, 06:20 AM