contract-review
Pass
Audited by Gen Agent Trust Hub on May 17, 2026
Risk Level: SAFE
Full Analysis
- [PROMPT_INJECTION]: The skill processes untrusted user documents (contracts, terms of service) as part of its primary workflow. This creates a surface for indirect prompt injection, where an attacker could embed malicious instructions within a document to manipulate the agent's behavior during analysis.
- Ingestion points: Processes user-uploaded files in PDF, DOCX, and image formats as specified in
references/contract/guide.mdandSKILL.md. - Boundary markers: No explicit delimiters are used to separate untrusted document content from the agent's system instructions.
- Capability inventory: The skill uses
mcp__sequential-thinking__sequentialthinkingand thekorean-lawMCP server. It also interacts with internal agents likequality-evaluatorandformat-converter. No arbitrary command execution or network exfiltration capabilities were identified. - Sanitization: No specific sanitization or validation of the input document content is described.
- [EXTERNAL_DOWNLOADS]: The skill references the
korean-lawMCP server to fetch legal statutes and precedents. This is a legitimate resource for the skill's purpose and is handled through standard tool-calling mechanisms.
Audit Metadata