il-invoice-organizer
Pass
Audited by Gen Agent Trust Hub on Apr 13, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill performs expected bookkeeping tasks for the Israeli market, such as VAT extraction and expense categorization. No malicious code or hidden instructions were found.
- [COMMAND_EXECUTION]: The script
scripts/categorize_invoices.pyhandles invoice validation and reporting. It operates using standard Python modules and does not invoke dangerous shell commands or download external content. - [DATA_EXFILTRATION]: There is no evidence of data exfiltration. The skill processes financial information locally and lacks network access or external transmission mechanisms.
- [PROMPT_INJECTION]: The skill has a potential surface for indirect prompt injection via the invoice data it processes. Ingestion points: untrusted data enters through the
--inputfile inscripts/categorize_invoices.py. Boundary markers: none are present in the script or instructions. Capability inventory: the skill is limited to local file system access and lacks network or code execution capabilities. Sanitization: no specific sanitization of input data is performed.
Audit Metadata