client-intake

Pass

Audited by Gen Agent Trust Hub on Jun 12, 2026

Risk Level: SAFE
Full Analysis
  • [Context Access]: The skill reads configuration files from the user's plugin directory (~/.claude/plugins/config/claude-for-legal/) to determine practice areas and supervision styles. This is a standard practice for personalizing agent behavior and does not involve unauthorized access to sensitive system files.
  • [Sensitive Data Processing]: By design, the skill handles sensitive legal and personal information, including immigration status and criminal history. This data is used solely to generate a formatted summary for review by students and supervising attorneys within the intended application context.
  • [Cross-Skill Integration]: The skill generates commands for the '/legal-clinic:deadlines' skill to help track case timelines. These outputs are structured as code blocks for the user to review and copy, maintaining human-in-the-loop oversight for subsequent actions.
  • [Indirect Input Handling]: The skill processes client narratives provided during Step 1. While this introduces an indirect prompt injection surface, the risk is addressed through the skill's highly structured output format and the requirement for verification by a human supervisor.
Audit Metadata
Risk Level
SAFE
Analyzed
Jun 12, 2026, 08:46 PM
Security Audit — agent-trust-hub — client-intake