tax-professional
Pass
Audited by Gen Agent Trust Hub on Mar 1, 2026
Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill directs the agent to execute
thinkfleet cron addcommands to set up automated tax deadline reminders. These commands utilize the vendor's platform-specific CLI to provide core functionality. - [PROMPT_INJECTION]: The skill contains an indirect prompt injection surface (Category 8) due to its data-handling practices. 1. Ingestion points: Untrusted data is retrieved from
USER.md,data/mechanic/state.json, anddata/card-optimizer/cards.json. 2. Boundary markers: The skill does not define clear delimiters or provide instructions to the agent to ignore any embedded directives within these external files. 3. Capability inventory: The agent is authorized to read/write local files and execute platform CLI commands. 4. Sanitization: There is no specification for sanitizing or validating the content of ingested files before they are processed by the agent.
Audit Metadata