fs-merge
Pass
Audited by Gen Agent Trust Hub on May 6, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: No malicious patterns, such as credential harvesting, data exfiltration, or persistence mechanisms, were identified within the skill or its associated scripts.
- [EXTERNAL_DOWNLOADS]: The skill utilizes established and well-maintained Python libraries for document manipulation, including openpyxl, PyMuPDF, pdfplumber, and pypdf. The instructions guide the user to install these through standard package managers only when necessary.
- [COMMAND_EXECUTION]: The skill uses local shell commands and Python scripts to automate the processing of user-supplied PDFs and spreadsheets. These operations are strictly limited to the extraction and transformation of financial data within the agent's execution environment.
- [SAFE]: The instructions explicitly direct the agent to ignore external URLs (such as DART links) and request local file uploads instead, which significantly reduces the risk of SSRF or unauthorized network access.
Audit Metadata