tax-prep
Pass
Audited by Gen Agent Trust Hub on Mar 21, 2026
Risk Level: SAFE
Full Analysis
- [DATA_EXFILTRATION]: The skill connects to api.serendb.com via HTTPS to check account balances and query transaction data. This communication targets the official vendor infrastructure and uses standard authorization headers for credential management.
- [PROMPT_INJECTION]: Instructions in SKILL.md are functional and focused on the workflow for transaction mapping and tax calculation. No attempts to override safety protocols or bypass agent constraints were found.
- [COMMAND_EXECUTION]: The provided Python runtime script performs standard file and network operations using official libraries. It does not spawn shells, execute arbitrary commands, or attempt privilege escalation.
- [CREDENTIALS_UNSAFE]: The skill correctly manages sensitive data by retrieving API keys from environment variables rather than hardcoding them in the source code or configuration files.
Audit Metadata