plain-english-translation
Pass
Audited by Gen Agent Trust Hub on Mar 26, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection. It instructs the agent to read and process external documents (files or URLs) provided by the user. If these documents contain hidden instructions designed to override the agent's behavior, the agent might follow them.
- Ingestion points: The skill reads file paths via the Read tool and fetches URLs via WebFetch in Step 1.
- Boundary markers: The instructions do not specify any delimiters or warnings to ignore potential instructions embedded within the contract text.
- Capability inventory: The skill utilizes file reading, web fetching, and file writing operations.
- Sanitization: There is no logic provided to sanitize or filter the input text for malicious prompt sequences before processing.
Audit Metadata