escalation-flagger
Pass
Audited by Gen Agent Trust Hub on May 13, 2026
Risk Level: SAFE
Full Analysis
- Localized File Operations: The skill reads from and writes to specific directories within
~/.claude/plugins/config/. This behavior is consistent with its intended purpose of managing matter-specific context and referencing organizational escalation policies. - Human-in-the-Loop Design: The skill is designed to draft messages rather than send them automatically. By requiring the user to review and send the drafted ask, the skill incorporates a manual verification step that maintains oversight of the process.
- Data Ingestion Surface: The skill processes user-supplied descriptions of legal issues and contract memos. While this involves handling untrusted data, the potential risks are managed through the skill's constrained operational scope, which is limited to drafting text and recording local notes.
- Clear Operational Boundaries: The instructions specify that the skill should not access data across different matters unless explicitly enabled, supporting data isolation practices within the user's legal workspace.
Audit Metadata