legal-response
Pass
Audited by Gen Agent Trust Hub on Mar 13, 2026
Risk Level: SAFE
Full Analysis
- [Data Ingestion Surface]: The skill accepts untrusted user input in Step 4 to populate response templates. 1. Ingestion point: User input for details like requester names and inquiry facts. 2. Boundary markers: Template placeholders (e.g., {{variable}}) are used to delimit content. 3. Capability inventory: No command execution, network access, or file-writing capabilities were identified in the skill instructions. 4. Sanitization: The skill relies on standard model behavior for content generation.
- [Local Configuration Access]: The skill identifies templates within local settings files such as legal.local.md, which is a standard pattern for localized tool behavior and does not represent an unauthorized file access risk.
Audit Metadata