contract-review
Pass
Audited by Gen Agent Trust Hub on Mar 13, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill processes untrusted external data from legal contracts (PDF, DOCX, TXT, MD), which creates a surface for indirect prompt injection where malicious text within a document could attempt to override the agent's instructions.
- Ingestion points: Document content is ingested in
SKILL.mdvia theload_contractandload_docxfunctions. - Boundary markers: The instructions do not specify the use of delimiters or 'ignore embedded instructions' warnings when the agent evaluates the extracted text.
- Capability inventory: The skill focuses on file reading and text analysis; no network operations, subprocess executions, or file-writing capabilities were detected in the provided scripts.
- Sanitization: The skill does not implement sanitization, filtering, or validation of the text extracted from the external documents.
Audit Metadata