legal-writer
Pass
Audited by Gen Agent Trust Hub on Mar 3, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill implements a secure and legitimate workflow for legal document generation.
- Network Operations: The research scripts
courtlistener.pyandecfr_lookup.pyinteract with official or well-known legal databases, including the Code of Federal Regulations (.gov) and the Free Law Project's CourtListener. These connections are used solely for searching and retrieving public legal authorities. - Credential Security: API authentication for CourtListener is handled through the
COURTLISTENER_API_TOKENenvironment variable, avoiding hardcoded secrets and following security best practices. - Static Analysis: The verification suite
verify-legal.pyperforms regex-based analysis on local DOCX files and metadata to validate legal standards (e.g., defined terms, citations, and placeholders). It does not execute external code or access sensitive system directories. - Dependency Management: The skill utilizes standard, well-known libraries such as
python-docxfor document manipulation and suggestsdocx2pdffor PDF conversion, which are appropriate for its stated purpose.
Audit Metadata