yuandian-law-search

Pass

Audited by Gen Agent Trust Hub on May 13, 2026

Risk Level: SAFE
Tags: PROMPT_INJECTION, COMMAND_EXECUTION, EXTERNAL_DOWNLOADS, REMOTE_CODE_EXECUTION
Full Analysis
  • [EXTERNAL_DOWNLOADS]: The skill periodically checks for version updates and metadata by fetching data from the author's GitHub repository at cat-xierluo/legal-skills.
  • [REMOTE_CODE_EXECUTION]: The script includes an explicit update mechanism (do-update) that downloads and replaces the skill's own Python scripts with new versions from the author's GitHub repository. This pattern allows for the execution of code retrieved from a remote network source.
  • [COMMAND_EXECUTION]: Operation of the skill requires the agent to execute the yd_search.py script via the shell to interact with the external legal database API.
  • [PROMPT_INJECTION]: The skill processes extensive legal and corporate data from the YuanDian API, which creates a surface for indirect prompt injection if the source content contains malicious instructions.
      • Ingestion points: scripts/yd_search.py (receives legal text, judgment records, and enterprise summaries from the external API).
      • Boundary markers: Absent. The instructions do not define delimiters or specific constraints to prevent the agent from being influenced by instructions embedded within the retrieved legal data.
      • Capability inventory: Shell command execution (python3) across primary scripts to perform searches, metadata checks, and updates.
      • Sanitization: Absent. The retrieved legal content is formatted directly into Markdown without specific escaping or validation to neutralize potential prompt-altering instructions.
Audit Metadata
Risk Level: SAFE
Analyzed: May 13, 2026, 04:02 PM