kanchi-dividend-us-tax-accounting
Pass
Audited by Gen Agent Trust Hub on Mar 6, 2026
Risk Level: SAFEPROMPT_INJECTIONCOMMAND_EXECUTION
Full Analysis
- [PROMPT_INJECTION]: The skill ingests untrusted data through a JSON input file processed by the
build_tax_planning_sheet.pyscript. This creates a surface for indirect prompt injection where malicious content in the input data could influence the agent's final report. - Ingestion points: The script
scripts/build_tax_planning_sheet.pyreads holding data from a user-provided file path via the--inputargument. - Boundary markers: None; the skill lacks explicit delimiters or system instructions to ignore embedded commands within the processed data.
- Capability inventory: The skill performs local file writes (Markdown and CSV) and generates natural language reports based on data values.
- Sanitization: The script uses standard
jsonandcsvmodules for parsing, which prevents code execution but does not sanitize the text content for potential injection attacks. - [COMMAND_EXECUTION]: The skill utilizes a local Python script (
build_tax_planning_sheet.py) to process financial data. Analysis of the script confirms it uses standard libraries and performs deterministic logic without executing external code, spawning dangerous subprocesses, or making network requests.
Audit Metadata