KSeF Accountant (Polish)
Advisory
Audited by Static analysis on Apr 30, 2026.
Overview
No suspicious patterns detected.
Findings (0)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
If you configure a real KSeF token, the agent or platform may have access to sensitive tax and invoice operations depending on the surrounding tool permissions.
The skill documents optional use of a KSeF API token, which could authorize access to invoice data and invoice operations. This is expected for a KSeF assistant and is explicitly marked optional/secret, but it is sensitive authority.
KSEF_TOKEN: description: "Token API KSeF do uwierzytelniania sesji..."
Only configure KSeF credentials through a trusted secret mechanism, prefer DEMO first, use least-privilege tokens, and do not paste tokens into chat.
If implemented or used with tools, these workflows can create legally significant tax records.
The reference material covers invoice submission to KSeF, including production use where invoices are legally binding. This is aligned with the accounting purpose, and the artifact also warns against production testing.
POST /api/online/Invoice/Send ... PRODUKCJA ... Dane: Prawne wiążące
Require explicit user confirmation before any production KSeF submission, validate invoice XML, and test only against the DEMO environment until reviewed.
A platform that does not recognize the secret declarations might not protect configured credentials as expected.
The supplied registry metadata does not declare environment variables, while SKILL.md describes optional KSEF_TOKEN, KSEF_ENCRYPTION_KEY, and KSEF_BASE_URL handling. This appears to be an under-declared metadata/registry gap rather than hidden behavior, because SKILL.md openly warns users to verify platform enforcement.
Env var declarations: none
Before adding any credentials, verify in the registry/platform UI that the variables are registered as secrets and that model invocation restrictions are enforced.
If a user implements these patterns, sensitive invoice history could influence future classifications and needs protection from poisoning or over-trust.
The AI reference patterns use historical invoices and contractor data for classification, fraud detection, and cash-flow prediction. This is purpose-aligned and described as conceptual, but invoice history is sensitive business data.
Trenowanie na danych historycznych ... historical_invoices
Keep human review for accounting decisions, protect historical invoice data, and separate training/test data from production workflows.
