contract-analyzer
Pass
Audited by Gen Agent Trust Hub on Jun 21, 2026
Risk Level: SAFE, NO_CODE
Full Analysis
- [INDIRECT_PROMPT_INJECTION]: The skill processes untrusted user-provided content (contracts), which presents an attack surface for indirect prompt injection.
  - Ingestion points: User-supplied agreement text or contract files processed via prompts.
  - Boundary markers: Absent; the instructions do not specify markers to delimit untrusted text from the agent's internal logic.
  - Capability inventory: None; the skill does not utilize any tools for executing code, modifying the file system, or initiating network requests.
  - Sanitization: None; the skill does not instruct the agent to sanitize or ignore instructions embedded within the processed contracts.
  - Conclusion: Due to the lack of actionable capabilities (tools), the potential for exploitation is negligible.
- [SAFE]: The skill contains no executable code, remote dependencies, or obfuscated content. Its functionality is strictly confined to natural language processing and text analysis within the user's session.