legal-proposal-generator
Pass
Audited by Gen Agent Trust Hub on Feb 20, 2026
Risk Level: SAFE
Full Analysis
- SAFE (SAFE): No executable code detected. The skill consists exclusively of Markdown templates, workflow instructions, and reference documentation. It does not include Python scripts, Node.js packages, or shell commands.
- Indirect Prompt Injection (LOW): The skill is designed to ingest and process untrusted user data (case materials and communication records).
- Ingestion points: User-provided text input for document generation (SKILL.md).
- Boundary markers: Explicit instructions in SKILL.md state "only base on provided materials" and "do not add facts," which serves as a grounding mechanism.
- Capability inventory: No capabilities for network access, file system writes (beyond the agent's default output), or code execution are defined within the skill files.
- Sanitization: None detected, but the lack of executable capabilities makes this a low-risk surface.
Audit Metadata