nda-generator

Pass

Audited by Gen Agent Trust Hub on Mar 9, 2026

Risk Level: SAFE

PROMPT_INJECTION
Full Analysis
  • [INDIRECT_PROMPT_INJECTION]: The skill processes user-provided business details to generate document templates, creating a potential vector for indirect instructions.
    • Ingestion points: User-supplied context regarding business meetings, party roles, and confidential information defined in the 'How to Use Me' section.
    • Boundary markers: Absent; the instructions lack explicit delimiters or warnings to ignore instructions embedded in the user's business description.
    • Capability inventory: The skill uses the office-mcp server tools create_docx, fill_docx_template, and docx_to_pdf to generate files on the local filesystem.
    • Sanitization: No specific validation or sanitization routines are defined to filter user input before it is used in document generation.
Audit Metadata
Risk Level: SAFE
Analyzed: Mar 9, 2026, 08:21 AM