israeli-smart-saver
Pass
Audited by Gen Agent Trust Hub on Apr 11, 2026
Risk Level: SAFENO_CODEPROMPT_INJECTION
Full Analysis
- [NO_CODE]: The skill is entirely composed of Markdown documentation and templates. It does not include any executable scripts, shell commands, or package dependencies.
- [SAFE]: All external links point to legitimate and well-known Israeli services (e.g., zap.co.il, buyme.co.il, cashback.co.il). No suspicious or typosquatted domains were identified.
- [SAFE]: While the skill instructs the agent to help users analyze sensitive financial information like credit card statements and bank apps, this is purely instructional and lacks any automated exfiltration or unauthorized access mechanisms.
- [PROMPT_INJECTION]: The skill suggests analyzing untrusted external data such as email contents and transaction descriptions. 1. Ingestion points:
SKILL.md(Step 1: Identify All Recurring Charges). 2. Boundary markers: Absent. 3. Capability inventory: None. 4. Sanitization: Absent. This represents a theoretical indirect prompt injection surface with no path to exploitation.
Audit Metadata