legal-text-format
Pass
Audited by Gen Agent Trust Hub on Feb 20, 2026
Risk Level: SAFE PROMPT_INJECTION NO_CODE
Full Analysis
- Prompt Injection (LOW): The skill is vulnerable to Indirect Prompt Injection because it ingests and processes untrusted legal text from external sources.
  * Ingestion points: SKILL.md describes taking input from user pastes or other skills like 'wechat-article-fetch'.
  * Boundary markers: Absent. The instructions do not use specific delimiters or instructions to ignore commands within the source text.
  * Capability inventory: The skill performs file system writes, creating folders and .md files in the 'archive/' directory.
  * Sanitization: None. The text is passed directly to the LLM for processing.
- Data Exposure & Exfiltration (SAFE): File operations are restricted to a local archive directory for legitimate logging and versioning purposes. No sensitive files are accessed, and no unauthorized network activity is present.
- No Code (SAFE): The skill consists entirely of Markdown instructions and examples; it does not include any Python or Node.js scripts or binaries.