tech-contract-negotiation
Pass
Audited by Gen Agent Trust Hub on Apr 11, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill processes untrusted contract text which could contain malicious instructions designed to bias the AI agent's negotiation summaries or recommendations.\n
- Ingestion points: The
scripts/negotiation_position_analyzer.pyscript reads user-provided contract files for analysis.\n - Boundary markers: Absent. The analysis process does not use delimiters to encapsulate untrusted contract text or include instructions to ignore embedded commands.\n
- Capability inventory: The skill uses local Python regex-based analysis to determine contract positions, the results of which form the basis of the agent's strategic advice.\n
- Sanitization: Absent. No filtering is performed on input text to identify or strip natural language instructions.
Audit Metadata