green-invoice
Pass
Audited by Gen Agent Trust Hub on Apr 14, 2026
Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADSDATA_EXFILTRATIONPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill instructions and the bundled helper script
scripts/green-invoice-client.pyfacilitate interaction with the service via shell commands and Python's network libraries. - [EXTERNAL_DOWNLOADS]: Documentation in
references/api-reference.mdidentifies standard client libraries for Python and PHP, such as thegreen-invoicepackage, to assist with API integration. - [DATA_EXFILTRATION]: Network communication is directed to authorized service domains
api.greeninvoice.co.ilandsandbox.d.greeninvoice.co.il. This includes the necessary transmission of API credentials and financial records to the platform. - [PROMPT_INJECTION]: The skill has an attack surface for indirect prompt injection as it processes data from external API responses. 1. Ingestion points: Data is retrieved from the Green Invoice API through
scripts/green-invoice-client.pyandcurlcommands. 2. Boundary markers: The instructions lack specific delimiters or warnings to isolate instructions potentially embedded in the API data. 3. Capability inventory: The skill uses network operations, shell command execution, and script execution. 4. Sanitization: The skill does not currently implement sanitization or filtering of the content returned from the API.
Audit Metadata