advogado-especialista

Warn

Audited by Gen Agent Trust Hub on Apr 14, 2026

Risk Level: MEDIUM (COMMAND_EXECUTION, PROMPT_INJECTION)
Full Analysis
  • [COMMAND_EXECUTION]: The skill includes instructions to execute Python scripts ('scan_registry.py', 'match_skills.py') from a hardcoded absolute Windows path ('C:\Users\renat\skills\agent-orchestrator\scripts'). These scripts are not included in the skill package, preventing verification of their contents and potentially leading to arbitrary code execution on systems where the path exists.
  • [PROMPT_INJECTION]: The skill is vulnerable to indirect prompt injection as it ingests untrusted case data from users. Evidence: (1) Ingestion points: Case details provided by users for legal analysis in 'SKILL.md'. (2) Boundary markers: None identified. (3) Capability inventory: Access to powerful tools including 'claude-code', 'cursor', and 'gemini-cli' which have terminal and filesystem access. (4) Sanitization: No input validation or escaping procedures are specified for external content.
Audit Metadata
Risk Level: MEDIUM
Analyzed: Apr 14, 2026, 04:57 PM