The Agent Skills Directory

[PROMPT_INJECTION]: The skill exhibits an indirect prompt injection surface because its primary function is to ingest and analyze untrusted external documents such as contracts and term sheets.
Ingestion points: The agent reads contract text files and term sheet JSON data as specified in Workflow 1 and Workflow 2 in SKILL.md.
Boundary markers: The skill does not define or use specific boundary markers or XML tags to isolate the untrusted document content from the agent's instructions, increasing the risk of the model following instructions embedded within the processed text.
Capability inventory: The agent can read local files and execute the provided Python scripts in the scripts/ directory.
Sanitization: No sanitization or filtering is applied to the ingested text to mitigate the risk of embedded malicious prompts.
[COMMAND_EXECUTION]: The skill includes and instructs the user to execute two local Python scripts, contract_risk_scanner.py and term_sheet_analyzer.py. These scripts are used for automated document analysis. A review of the source code confirms they rely exclusively on the Python standard library and do not perform any network operations, external downloads, or file system modifications beyond reading the input documents.

general-counsel-advisor