lawyer-expert
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFE
Full Analysis
- PROMPT_INJECTION (SAFE): No instructions to override safety filters or disregard previous rules were found. The instructions focus on legal domain expertise.
- DATA_EXFILTRATION (SAFE): No hardcoded credentials, API keys, or network-bound operations (like curl or requests) were detected. Sensitive file paths are not accessed.
- REMOTE_CODE_EXECUTION (SAFE): No remote scripts are downloaded or executed. The code is entirely local and does not use dynamic execution functions like eval() or exec().
- COMMAND_EXECUTION (SAFE): No use of subprocess, os.system, or other shell execution methods were found in the Python classes.
- INDIRECT_PROMPT_INJECTION (LOW): The skill possesses a data ingestion surface through methods like assess_gdpr_compliance(system_data). While the code only performs logical checks, if an agent uses this skill on untrusted data, there is a minor risk that embedded instructions in the input could influence agent behavior. This is a common property of skills that process external input.
Audit Metadata