invoice

Pass

Audited by Gen Agent Trust Hub on Mar 8, 2026

Risk Level: SAFE | EXTERNAL_DOWNLOADS | COMMAND_EXECUTION
Full Analysis
  • [EXTERNAL_DOWNLOADS]: The skill uses the 'uv' tool to dynamically install and run well-known Python libraries including 'weasyprint', 'pyyaml', and 'jinja2' from official registries. This is standard behavior for the tool's environment.
  • [COMMAND_EXECUTION]: The agent is instructed to execute a bundled Python script, 'generate-invoice.py', to perform the document generation tasks.
  • [PROMPT_INJECTION]: The skill has an indirect injection surface because it processes data from client YAML files and command-line arguments (such as invoice notes or descriptions). These inputs are interpolated into an HTML template. While there is no explicit sanitization for HTML tags, the rendering is handled by WeasyPrint, which does not execute JavaScript, significantly limiting the risk.
  • [DATA_EXFILTRATION]: The skill reads billing information from local YAML files and writes generated PDFs to a local directory. No credentials or sensitive system files are accessed, and no network exfiltration was found.
Audit Metadata
Risk Level: SAFE
Analyzed: Mar 8, 2026, 08:19 PM