israeli-bookkeeping-automation
Pass
Audited by Gen Agent Trust Hub on Apr 14, 2026
Risk Level: SAFEPROMPT_INJECTIONEXTERNAL_DOWNLOADS
Full Analysis
- [PROMPT_INJECTION]: The skill processes untrusted user data regarding business transactions and payroll without utilizing boundary markers or sanitization guidelines.\n
- Ingestion points: Transaction and salary data provided by the user in
SKILL.mdandSKILL_HE.md.\n - Boundary markers: No delimiters are specified to wrap or isolate user-provided data within the agent context.\n
- Capability inventory: The skill is configured to use
Bash(python:*), which could be exploited if user data is interpolated into generated scripts without validation.\n - Sanitization: No validation, escaping, or filtering of external content is described in the instructions.\n- [EXTERNAL_DOWNLOADS]: The skill provides reference links to official Israeli government websites (btl.gov.il, mas.gov.il) and reputable informational sources (kolzchut.org.il, pensuni.com). These resources are used for manual verification of tax and insurance rates and do not involve remote code execution or automated downloads.
Audit Metadata