legal-risk-assessment-zacharie-laik
Pass
Audited by Gen Agent Trust Hub on Mar 7, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill exhibits an indirect prompt injection surface due to its core function of ingesting and analyzing content from external sources.
- Ingestion points: Untrusted external data enters the context through
web_search(using Perplexity) and various legal search tools (case_search,legislation_search) as defined in the 'Research Methodology' and 'Research strategy' sections of SKILL.md. - Boundary markers: The prompt instructions do not implement boundary markers (such as XML tags or specific delimiters) or 'ignore' instructions to isolate tool-generated content from the system's operational logic.
- Capability inventory: Across all provided files, the skill does not possess high-risk capabilities such as arbitrary command execution, file system modification, or non-whitelisted network exfiltration.
- Sanitization: No sanitization or validation mechanisms are specified for processing the results returned by the research tools before they are interpolated into the final response.
Audit Metadata