contract-review-anthropic
Pass
Audited by Gen Agent Trust Hub on May 16, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: No malicious patterns or security vulnerabilities were detected in the skill's instructions or metadata.
- [PROMPT_INJECTION]: No evidence of instructions attempting to bypass safety filters or override system prompts. The use of "Important" is restricted to a benign legal disclaimer.
- [DATA_EXFILTRATION]: No network operations (such as curl or wget) or hardcoded credentials were found.
- [REMOTE_CODE_EXECUTION]: The skill does not perform any remote code execution, script downloads, or package installations.
- [PROMPT_INJECTION]: The skill includes an attack surface for indirect prompt injection as it processes untrusted contract text, though it lacks high-risk capabilities like network access.
  - Ingestion points: Processes external contract text.
  - Boundary markers: None explicitly defined.
  - Capability inventory: No subprocess calls, network operations, or file-write capabilities.
  - Sanitization: No specific sanitization or filtering of contract content mentioned.
Audit Metadata