qbo

Pass

Audited by Gen Agent Trust Hub on Mar 4, 2026

Risk Level: SAFE
EXTERNAL_DOWNLOADS, COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
  • [EXTERNAL_DOWNLOADS]: The skill provides instructions to install the qbo CLI from the author's official GitHub repository (github.com/voska/qbo-cli) and package manager taps. These are recognized as legitimate vendor resources.
  • [COMMAND_EXECUTION]: The skill utilizes the Bash tool to execute the qbo binary. This allows the agent to perform administrative and data-management tasks on a QuickBooks Online account, such as creating invoices and querying customer lists.
  • [PROMPT_INJECTION]: Analysis of indirect prompt injection risks:
      • Ingestion points: The skill ingests untrusted data from external QuickBooks Online records via the qbo list, get, and query commands in SKILL.md.
      • Boundary markers: No explicit delimiters are used in the prompt instructions to separate data from instructions, though the use of JSON output is encouraged for structure.
      • Capability inventory: The agent has the capability to write, update, and delete financial records using the qbo CLI through the Bash tool.
      • Sanitization: The skill relies on the qbo CLI's output formatting and does not specify additional sanitization or validation of the data content before it is processed by the agent.
Audit Metadata
  • Risk Level: SAFE
  • Analyzed: Mar 4, 2026, 10:35 AM