billing-automation
Pass
Audited by Gen Agent Trust Hub on Apr 14, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [SAFE]: Extensive analysis of the skill's instructions and implementation playbook found no malicious patterns, persistence mechanisms, or unauthorized credential access. The provided code logic is consistent with the stated purpose of educational billing automation.
- [PROMPT_INJECTION]: A potential surface for indirect prompt injection exists in the
Invoice.to_htmlmethod withinresources/implementation-playbook.mdwhere untrusted data is interpolated into HTML. - Ingestion points: Customer-supplied fields
customer_nameandcustomer_addressenter the template logic. - Boundary markers: Absent from the Python string template used for HTML generation.
- Capability inventory: The logic is designed to produce structured HTML output for billing documentation.
- Sanitization: No HTML escaping is implemented in the provided snippet; developers should apply standard sanitization to prevent potential injection in generated invoices.
Audit Metadata