contract-comparison
Pass
Audited by Gen Agent Trust Hub on Mar 28, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill is vulnerable to indirect prompt injection because it ingests untrusted data from external files and web sources without defining clear boundaries to distinguish between document content and agent instructions.
- Ingestion points: The skill accepts user-provided file paths or URLs, which are then processed using the
ReadandWebFetchtools respectively. - Boundary markers: The instructions do not establish specific delimiters or provide guidance to the agent to ignore any embedded natural language instructions within the contracts being analyzed.
- Capability inventory: The skill possesses the capability to read local files, perform network reads via
WebFetch, and write output to the local filesystem (CONTRACT-COMPARISON.md). - Sanitization: There is no specified logic for sanitizing or escaping the content retrieved from external sources before it is analyzed and written to the output file.
Audit Metadata