
expense-report

Pass

Audited by Gen Agent Trust Hub on Feb 16, 2026

Risk Level: LOW
NO_CODE
Full Analysis
  • [Prompt Injection] (SAFE): No instructions found that attempt to bypass safety filters or override system constraints. The instructions are strictly limited to formatting and categorizing financial data.
  • [Data Exposure & Exfiltration] (SAFE): The skill does not perform network operations, use hardcoded credentials, or access sensitive file paths. It only processes information provided by the user in the conversation.
  • [Obfuscation] (SAFE): No Base64, zero-width characters, or encoded commands were detected in the text or templates.
  • [Unverifiable Dependencies & Remote Code Execution] (SAFE): This is a 'No Code' skill. It does not include or install any third-party packages or download remote scripts.
  • [Privilege Escalation] (SAFE): No commands involving elevated privileges (sudo, chmod, etc.) are present.
  • [Persistence Mechanisms] (SAFE): The skill does not attempt to modify shell profiles, scheduled tasks, or startup services.
  • [Metadata Poisoning] (SAFE): The YAML frontmatter and descriptive fields are accurate and do not contain hidden malicious instructions.
  • [Indirect Prompt Injection] (INFO): While the skill processes untrusted user data (receipts and transactions), it lacks any executable or network-based capabilities. The risk is negligible as it only outputs formatted text.
  • [Time-Delayed / Conditional Attacks] (SAFE): No logic exists that triggers behavior based on time, date, or environmental conditions.
  • [Dynamic Execution] (SAFE): No use of eval, exec, or unsafe deserialization. The skill does not generate or execute code at runtime.
Audit Metadata
Risk Level: LOW
Analyzed: Feb 16, 2026, 06:15 AM