israeli-financial-reports
Pass
Audited by Gen Agent Trust Hub on Apr 14, 2026
Risk Level: SAFE
PROMPT_INJECTION
Full Analysis
- [INDIRECT_PROMPT_INJECTION]: The skill processes untrusted financial data which acts as an ingestion point for indirect prompt injection attacks. If a transaction journal or VAT record contains natural language instructions, the agent might inadvertently execute them.
- Ingestion points: Financial data sources including the 'Transaction Journal (Yoman Peulot)', 'VAT Records', and 'Trial Balance' data gathered from user-provided files or inputs (Step 2 and Example 2 in SKILL.md and SKILL_HE.md).
- Boundary markers: Absent. The instructions do not define delimiters or explicit 'ignore' instructions to prevent the agent from obeying commands embedded within the data records.
- Capability inventory: The skill is configured with Read, Write, Edit, and Bash(python:*) tools, which could be exploited to perform unauthorized file operations or code execution if an injection occurs.
- Sanitization: Absent. No validation or filtering of input data is mentioned to ensure it contains only expected financial figures.
Audit Metadata