Skill Trust Decision

Receipt Logger

SKILL.md declares a 'receipt-logger' CLI tool with HMAC signing and append-only logging, but no implementation script exists in the file tree — only SKILL.md and config.json are present, constituting a severe documentation-to-code mismatch.

Install decision first
Source: Manual upload
Scanned: Apr 5, 2026
Files 2
Artifacts 0
Violations 0
Findings 2
Most direct threat evidence
High Doc Mismatch
Implementation script missing — documented functionality absent

SKILL.md declares 'receipt-logger' as the main CLI entry point with full functionality (log, list, verify, export commands with HMAC signing), but the file tree contains only SKILL.md and config.json. No shell script, Python script, or any implementation file exists. This is a severe doc-to-code mismatch where the stated capabilities cannot be executed.

SKILL.md:1

Why this conclusion was reached

1/4 dimensions flagged
Pass
Declared vs actual capability

Declared resources and inferred behavior are broadly aligned.

Pass
Hidden execution and egress

No obvious high-risk egress or execution signals were found.

Block
Attack chain and severe findings

The report includes 0 attack-chain steps and 1 severe finding.

Review
Dependencies and supply chain hygiene

Dependency information is incomplete, so supply-chain confidence stays limited.

What drove the risk score up

Missing implementation (doc-to-code mismatch) +25

SKILL.md declares 'receipt-logger' as the entry point with full CLI functionality, but no such script exists in the file tree — only documentation and config metadata are present

False capability declaration +15

Skill claims 'Zero external dependencies — Pure shell + JSON' with HMAC-based cryptographic signing, but no code exists to verify or execute these claims

Most important evidence

High Doc Mismatch

Implementation script missing — documented functionality absent

SKILL.md declares 'receipt-logger' as the main CLI entry point with full functionality (log, list, verify, export commands with HMAC signing), but the file tree contains only SKILL.md and config.json. No shell script, Python script, or any implementation file exists. This is a severe doc-to-code mismatch where the stated capabilities cannot be executed.

SKILL.md:1
Provide the 'receipt-logger' implementation script or remove the documentation claiming its existence. If this is a template/stub, it should be clearly labeled as non-functional.
Low Doc Mismatch

Config.json marked as sensitive without justification

Pre-scan metadata flags config.json as 'sensitive', but the file contains only standard skill metadata (name, slug, version, tags, license). No credentials, tokens, or secrets are present. Either the sensitivity flag is incorrect, or there is hidden content not visible in the scan.

config.json:1
Verify config.json contains no hidden or encoded data. If it only holds metadata, the sensitivity flag should be corrected.

Declared capability vs actual capability

Filesystem · Pass · Declared NONE · Inferred NONE
No implementation code present to analyze filesystem access patterns
Shell · Pass · Declared NONE · Inferred NONE
SKILL.md references 'receipt-logger' as a shell CLI, but no shell script exists in the package
Network · Pass · Declared NONE · Inferred NONE
No implementation code to analyze network behavior

Suspicious artifacts and egress

No obvious IOC was extracted.

Dependencies and supply chain

There are no structured dependency warnings.

File composition

2 files · 76 lines
Markdown · 1 file · 63 lines
JSON · 1 file · 13 lines
Files of concern · 2
config.json JSON · 13 lines
Config.json marked as sensitive without justification
SKILL.md Markdown · 63 lines
Implementation script missing — documented functionality absent

Security positives

No malicious code patterns found (base64, reverse shells, eval calls) — however, there is no code to analyze
No credential harvesting attempts identified
No data exfiltration infrastructure present
No network communication patterns observed
No obfuscation techniques detected
config.json contains no actual secrets despite sensitivity flag