legal-matter-tracker

Pass

Audited by Gen Agent Trust Hub on May 15, 2026

Risk Level: SAFE [PROMPT_INJECTION] [NO_CODE]
Full Analysis
  • [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection because it ingests untrusted content from local workspace files to generate reports.
      • Ingestion points: The agent scans all .md and .txt files in the workspace root and specific folders like notes/, clients/, and cases/ (specified in SKILL.md).
      • Boundary markers: Absent. The instructions in SKILL.md do not specify the use of delimiters or specific safety instructions to isolate file content from the agent's primary task directives.
      • Capability inventory: The skill uses the agent's file system capabilities to read workspace files and write summarized reports to the local output/ directory (specified in SKILL.md).
      • Sanitization: Absent. The instructions in SKILL.md describe extracting and normalizing dates and facts without specifying validation or escaping of the content.
  • [NO_CODE]: This is a no-code skill. It relies entirely on natural language instructions to guide the agent's behavior and does not include any Python scripts, Node.js code, or external binary dependencies.
Audit Metadata
Risk Level: SAFE
Analyzed: May 15, 2026, 09:41 AM
Security Audit — agent-trust-hub — legal-matter-tracker