regulatory-monitoring
Pass
Audited by Gen Agent Trust Hub on May 14, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill consists of instructional content and reporting templates for legal operations. No executable code, scripts, or automated subprocesses are included in the skill definition.
- [PROMPT_INJECTION]: The skill is designed to process external regulatory data from sources like legislation.gov.uk and EUR-Lex, which technically introduces a surface for indirect prompt injection. However, the skill lacks the necessary capabilities to exploit this surface, as it has no file system, network, or command execution tools.
- Ingestion points: Regulatory sources specified in the 'Source Configuration' section of SKILL.md.
- Boundary markers: Absent from the template instructions.
- Capability inventory: None; the skill provides no functional scripts or executable logic.
- Sanitization: No sanitization or validation of the fetched regulatory text is specified.
Audit Metadata