The Agent Skills Directory

[COMMAND_EXECUTION]: The skill utilizes platform-specific tool connectors for its operations: ~~почта is used to search and retrieve email attachments from Yandex 360 and Mail.ru; ~~эдо interfaces with Russian EDO systems (Diadoc, SBIS) to fetch incoming documents; and the docx tool is used to generate Word documents containing redlined changes. These tools are invoked within the scope of the skill's primary document review purpose.
[DATA_EXPOSURE]: The skill is designed to process sensitive legal information, including contract terms, liability clauses, and financial data. This data exposure is necessary for the intended functionality and is restricted to sources specifically authorized or provided by the user.
[INDIRECT_PROMPT_INJECTION]: As the skill ingests untrusted external documents (PDFs, DOCX files, and email attachments), it possesses an inherent attack surface for indirect prompt injection.
Ingestion points: Data enters the context via the ~~почта and ~~эдо tools, as well as local file reads.
Boundary markers: The instructions do not define specific delimiters or guardrails to separate potentially malicious instructions inside a contract from the agent's system instructions.
Capability inventory: The skill has the ability to read files, perform tool-based searches on network services (Email/EDO), and write new files via the docx tool.
Sanitization: No specific content sanitization or validation of the ingested text is performed beyond the analytical categorization mentioned in the skill instructions.

contract-review