my-legal-advisor
Pass
Audited by Gen Agent Trust Hub on Mar 6, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection due to its core functionality of processing and analyzing untrusted documents provided by users.
- Ingestion points: Document text exceeding 100 characters provided by the user in "Mode B" for contract analysis.
- Boundary markers: Absent. The skill instructions do not specify any delimiters (like XML tags or triple quotes) or provide guidance to the agent to ignore instructions embedded within the processed document text.
- Capability inventory: The skill uses a complex four-agent pipeline (law-researcher, risk-assessor, consistency-checker, action-planner) to determine legal risks and generate binding-style action plans.
- Sanitization: No input validation, escaping, or filtering of user-pasted document content is mentioned or implemented in the workflow.
Audit Metadata