tabular-review-antoine-louis

Pass

Audited by Gen Agent Trust Hub on Feb 17, 2026

Risk Level: SAFE
PROMPT_INJECTION
Full Analysis
  • Indirect Prompt Injection (LOW): The skill ingests untrusted data from external files and interpolates it into subagent prompts without proper security boundaries.
      • Ingestion points: Step 3 uses the pdf and docx skills to read content from document paths discovered via the Glob tool.
      • Boundary markers: Absent. The subagent prompt template in Step 3 fails to use clear delimiters (such as XML tags or unique separators) to isolate the document text from the agent's instructions.
      • Capability inventory: The skill utilizes the Task system for subagent execution, filesystem read access through pdf/docx skills, and filesystem write access through the xlsx skill.
      • Sanitization: Absent. There is no logic provided to escape, filter, or validate the content extracted from the documents before it is processed by the LLM subagents.
Audit Metadata
Risk Level: SAFE
Analyzed: Feb 17, 2026, 06:49 PM