Skills
skills/dkyazzentwatwa/chatgpt-skills/contract-generator/Gen Agent Trust Hub

contract-generator

Warn

Audited by Gen Agent Trust Hub on Feb 15, 2026

Risk Level: MEDIUMPROMPT_INJECTION
Full Analysis
  • Indirect Prompt Injection (MEDIUM): The skill processes untrusted input from DOCX templates and data files (CSV/JSON) using string replacement without sanitization. This allows for indirect prompt injection if the resulting documents are interpreted by other AI agents or users.
  • Ingestion points: scripts/contract_generator.py (methods load_template, batch_generate, and JSON loading in __main__).
  • Boundary markers: Absent; variable replacement uses simple {{key}} syntax without delimiters or escape sequences.
  • Capability inventory: Local file system write (DOCX generation).
  • Sanitization: Absent; the skill performs direct string replacement.
  • Prompt Injection (MEDIUM): In scripts/contract_generator.py, the batch_generate method uses the output_filename column from the input CSV directly in os.path.join(output_dir, filename). This allows a malicious CSV file to perform a path traversal attack by specifying relative paths (e.g., ../../target) to write files outside of the intended output directory.
Audit Metadata
Risk Level
MEDIUM
Analyzed
Feb 15, 2026, 11:16 PM