new-case
Pass
Audited by Gen Agent Trust Hub on Apr 24, 2026
Risk Level: SAFE, PROMPT_INJECTION, COMMAND_EXECUTION
Full Analysis
- [COMMAND_EXECUTION]: The skill instructs the agent to use the shell command `date "+%Y-%m-%d"` to ensure document creation dates and timelines are accurate. This is a benign use of system tools for metadata purposes.
- [PROMPT_INJECTION]: The skill exhibits an attack surface for indirect prompt injection as it is designed to ingest and process untrusted external data.
- Ingestion points: The agent scans directory contents and reads various file types (chat records, contracts, legal documents) to extract metadata as specified in `references/extraction-rules.md`.
- Boundary markers: The instructions do not define clear delimiters or system-level warnings to ignore embedded instructions within the processed legal materials.
- Capability inventory: The skill can create directories, move files, and generate new Markdown and YAML files based on the analyzed content.
- Sanitization: There are no specific sanitization or validation steps described to filter potentially malicious text embedded in the ingested materials.