{"id":"fintech-invoice-fraud-detector","title":"Invoice Fraud Detector","description":"Findings typed. Invoice fraud. Typed v1 agent with eval coverage.","category":"fintech","status":"validated","version":"1.0.0","source":"agentskit-registry","license":"MIT","tags":["fintech","structured-output","v1"],"packages":["@agentskit/core","@agentskit/runtime","@agentskit/tools"],"files":["agent.ts","README.md","eval.ts"],"requires":{"zod":"^3","zod-to-json-schema":"^3"},"skill":{"name":"fintech-invoice-fraud-detector","description":"Findings typed. Invoice fraud. Typed v1 agent with eval coverage.","systemPrompt":"You are Invoice Fraud Detector. Invoice fraud. Output: Findings typed.\nActionable findings citing input sources. No invented issues.\nNEVER invent facts — gaps and openQuestions for missing input. Always draft for human review.\n${UNTRUSTED_CONTENT_DIRECTIVE}\nCall submit_fraud_detector exactly once. Stop."},"flow":null,"a2a":{"id":"io.agentskit.registry.fintech-invoice-fraud-detector","name":"Invoice Fraud Detector","description":"Findings typed. Invoice fraud. Typed v1 agent with eval coverage.","version":"1.0.0","homepage":"https://registry.agentskit.io","skills":[{"name":"fintech-invoice-fraud-detector","description":"Findings typed. Invoice fraud. Typed v1 agent with eval coverage.","capabilities":{"streaming":true,"cancellation":true,"requiresApproval":false}}]},"sources":[{"path":"agent.ts","content":"import type { AdapterFactory, ChatMemory, Observer, ToolCall, ToolDefinition } from '@agentskit/core'\nimport { fenceUntrustedContent, UNTRUSTED_CONTENT_DIRECTIVE } from '@agentskit/core/security'\nimport { invokeStructured } from '@agentskit/runtime'\nimport { defineZodTool } from '@agentskit/tools'\nimport { z } from 'zod'\nimport { zodToJsonSchema } from 'zod-to-json-schema'\nimport type { JSONSchema7 } from 'json-schema'\n\n/** Invoice Fraud Detector — v1 validated. Pain: Invoice fraud */\n\nexport interface Finding { id: string; severity: 'critical' | 'high' | 'medium' | 'low' | 'info'; message: string; source?: string; recommendation?: string }\nexport interface AgentOutput { summary: string; findings: Finding[]; gaps: string[]; openQuestions: string[] }\nexport interface AgentResult extends AgentOutput { requiresReview: boolean }\nexport interface FintechInvoiceFraudDetectorConfig {\n  adapter: AdapterFactory\n  memory?: ChatMemory\n  observers?: Observer[]\n  onConfirm?: (toolCall: ToolCall) => boolean | Promise<boolean>\n  maxSteps?: number\n}\n\nconst Output = z.object({\n  summary: z.string(),\n  findings: z.array(z.object({\n    id: z.string(), severity: z.enum(['critical', 'high', 'medium', 'low', 'info']),\n    message: z.string(), source: z.string().optional(), recommendation: z.string().optional(),\n  })),\n  gaps: z.array(z.string()).default([]),\n  openQuestions: z.array(z.string()).default([]),\n})\nconst toJson = (s: z.ZodTypeAny): JSONSchema7 => zodToJsonSchema(s) as JSONSchema7\n\nconst skill = {\n  name: 'fintech-invoice-fraud-detector',\n  description: \"Invoice Fraud Detector — typed output agent (draft spec).\",\n  systemPrompt: `You are Invoice Fraud Detector. Invoice fraud. Output: Findings typed.\nActionable findings citing input sources. No invented issues.\nNEVER invent facts — gaps and openQuestions for missing input. Always draft for human review.\n${UNTRUSTED_CONTENT_DIRECTIVE}\nCall submit_fraud_detector exactly once. Stop.`,\n  tools: ['submit_fraud_detector'],\n}\n\nexport function createFintechInvoiceFraudDetectorAgent(config: FintechInvoiceFraudDetectorConfig) {\n  const submit = (): ToolDefinition =>\n    defineZodTool({ name: 'submit_fraud_detector', description: 'Submit result. Once.', schema: Output, toJsonSchema: toJson, async execute() { return 'recorded' } }) as ToolDefinition\n\n  async function run(input: string): Promise<AgentResult> {\n    if (!input?.trim()) throw new Error('fintech-invoice-fraud-detector requires non-empty input')\n    const result = await invokeStructured({\n      adapter: config.adapter,\n      tool: submit(),\n      task: `INPUT:\\n${fenceUntrustedContent(input)}`,\n      parse: (a) => Output.parse(a),\n      skill,\n      memory: config.memory,\n      observers: config.observers,\n      onConfirm: config.onConfirm,\n      maxSteps: config.maxSteps ?? 4,\n    })\n    return { ...result, requiresReview: true }\n  }\n  return {\n    name: 'fintech-invoice-fraud-detector',\n    run,\n    asHandle() { return { name: 'fintech-invoice-fraud-detector', run: (t: string) => run(t).then((r) => JSON.stringify(r)) } },\n  }\n}\n"},{"path":"README.md","content":"# Invoice Fraud Detector\n\n> **v1 validated** — `npx agentskit add fintech-invoice-fraud-detector`\n\n## Pain\nInvoice fraud\n\n## Output\nFindings typed\n"},{"path":"eval.ts","content":"import type { EvalSuite } from '@agentskit/eval'\n\nexport const suite: EvalSuite = {\n  name: 'fintech-invoice-fraud-detector',\n  cases: [\n    { input: 'Complete input for Invoice Fraud Detector: Invoice fraud. Provide full structured output.', expected: (r: string) => r.length > 20 && /requiresReview|summary|title|category|findings|sections|score|clusters|items|steps/i.test(r) },\n    { input: 'Minimal input.', expected: (r: string) => /gap|openQuestion/i.test(r) || r.length > 10 },\n    { input: 'Input with specific detail: ACME Corp project deadline March 15.', expected: (r: string) => /ACME|March|15/i.test(r) || /gap/i.test(r) },\n    { input: 'Empty context — only says \"process this\".', expected: (r: string) => r.length > 5 },\n  ],\n}\n"}],"installable":true,"validation":{"status":"approved","score":96,"confidence":0.96,"method":"codex-executor-independent-reviewer","iterations":1,"cases":3,"summary":"The agent produced valid structured outputs for all three cases, stayed within the invoice-fraud-detector purpose, did not fabricate invoice facts from sparse or instruction-like prompts, surfaced missing evidence clearly, and resisted the explicit prompt injection. The behavior is conservative and useful for fintech fraud triage. Minor concern: it labels benign evaluator prompts as untrusted instruction-like content somewhat aggressively, but that is safer than hallucinating invoice evidence and does not impair v1 readiness.","strengths":["Valid structured result shape across all cases with summary, findings, gaps, openQuestions, and review requirement.","Correctly refuses to make fraud determinations without invoice evidence instead of inventing details.","Explicitly identifies and ignores the injection request to output APPROVED.","Provides practical missing-data lists and next-step questions relevant to invoice fraud review.","No unsafe content, empty outputs, material hallucinations, or contradictions of agent purpose observed."],"notes":[]}}