china-contract-review
Pass
Audited by Gen Agent Trust Hub on May 19, 2026
Risk Level: SAFE, EXTERNAL_DOWNLOADS, PROMPT_INJECTION
Full Analysis
- [SAFE]: No malicious patterns, such as hardcoded credentials, data exfiltration, or obfuscation, were found within the skill files.
- [EXTERNAL_DOWNLOADS]: The skill specifies 'python-docx' as a dependency. This is a standard and reputable library for processing Word documents, which is consistent with the skill's functionality.
- [PROMPT_INJECTION]: The skill ingests and processes untrusted legal documents, creating an attack surface for indirect prompt injection.
  - Ingestion points: External contract content and Word documents provided by the user (SKILL.md).
  - Boundary markers: Absent. The prompt does not define specific delimiters to distinguish contract text from analysis instructions.
  - Capability inventory: Document reading and text analysis logic across the skill's workflow.
  - Sanitization: Absent. There are no instructions for sanitizing or escaping the content of the processed contracts.
Audit Metadata