attorney-assist
Pass
Audited by Gen Agent Trust Hub on Jun 19, 2026
Risk Level: SAFE
Full Analysis
- [PROMPT_INJECTION]: The skill contains strong defensive instructions (e.g., 'NEVER simulate, fabricate, or approximate') designed to prevent the AI from hallucinating successful service interactions or API responses. These markers serve as a reliability guardrail rather than an attempt to bypass safety protocols.
- [DATA_EXPOSURE]: The skill collects context for legal consultations, including conversation summaries and user phone numbers. All data is passed through official LegalZoom MCP tools (e.g.,
legalzoom.request_attorney_review) to authorized providers. - [INDIRECT_PROMPT_INJECTION]: The skill ingests user documents and conversation history in Step 4 to package context for the attorney. While this creates an ingestion surface for untrusted data, the skill acts as a conduit for professional review rather than executing instructions contained within that data.
- [SAFE]: External links and document upload pointers are restricted to the official LegalZoom domain.
Audit Metadata