Contract Analyzer
Pass
Audited by Gen Agent Trust Hub on Feb 16, 2026
Risk Level: LOWNO_CODE
Full Analysis
- NO_CODE (SAFE): The skill contains only Markdown documentation and instructional workflows. There are no scripts, binaries, or executable commands present in the file.
- INDIRECT_PROMPT_INJECTION (INFO): The skill is designed to process untrusted external data (contracts), which is an inherent risk surface for indirect prompt injection. Evidence: (1) Ingestion points: Document intake in Workflow 1; (2) Boundary markers: Absent from instructions; (3) Capability inventory: None (this is an instruction-only skill with no tool calls); (4) Sanitization: Not specified in the workflow.
Audit Metadata