contract-reviewer
Pass
Audited by Gen Agent Trust Hub on Mar 9, 2026
Risk Level: SAFE
PROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection because its core function is to ingest and analyze untrusted data provided by users (contract text, files, or URLs).
- Ingestion points: The skill instructions in SKILL.md specify that the user provides contract text via paste, file, or URL for analysis.
- Boundary markers: Absent; there are no specified delimiters or system instructions to the agent to distinguish between its own instructions and potentially malicious commands embedded within the untrusted contract text.
- Capability inventory: Based on SKILL.md, the agent performs text extraction, risk scoring, and report generation. No high-risk capabilities such as command execution, file system modification, or network exfiltration are present in the skill files.
- Sanitization: Absent; the skill does not define any input validation or sanitization procedures for the processed contract content.
Audit Metadata