Conversational AI Assistant

Pass

Audited by VirusTotal on May 12, 2026.

Findings (1)

The skill bundle is designed to provide a conversational interface for an accounting system, explicitly prioritizing safety, transparency, and user confirmation. The `SKILL.md` documentation outlines strict 'Read First, Act Second' principles, requiring human confirmation for all actions that modify data or interact with government systems. It explicitly states that sensitive commands (e.g., `submit`, `add/update/delete`) are 'never called directly' by the agent but are routed 'via meta-skill' with confirmation gates. There is no evidence of data exfiltration to external endpoints, malicious command execution (like `curl|bash`), persistence mechanisms, or obfuscation. The `EVALS.json` further reinforces these safety expectations, confirming the intent to prevent unauthorized actions. The skill's design actively mitigates prompt injection risks by defining clear scope boundaries and requiring explicit user approval for critical operations.