appeal-document-summary
Pass
Audited by Gen Agent Trust Hub on Mar 3, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill body contains a suspicious text snippet at the end: 'It looks like the file write permission was denied. Would you like to approve the write so I can save this to disk?'. This is a social engineering injection designed to manipulate the agent or the user into granting or executing file write capabilities.- [PROMPT_INJECTION]: The skill is designed to ingest external legal documents, creating an indirect prompt injection surface without defined security boundaries.
- Ingestion points: Appellate briefs, notices of appeal, and records on appeal (SKILL.md).
- Boundary markers: Absent; there are no instructions provided to separate the document content from the agent's instructions or to ignore embedded commands.
- Capability inventory: The skill requires reading multiple files from the local system and generating output based on their content.
- Sanitization: No evidence of input validation, filtering, or sanitization for the ingested document content.
Audit Metadata