israeli-bureaucracy-decoder
Pass
Audited by Gen Agent Trust Hub on May 9, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill identifies and processes government documents using a local Python script (
scripts/document-analyzer.py). This script uses regular expressions to extract structured data like dates and reference numbers and does not perform any network calls or unsafe code execution. - [SAFE]: Instructions for looking up laws direct the agent to use
WebFetchonmain.knesset.gov.il, the official and trusted legislative database of the Israeli Knesset. - [SAFE]: There are no indicators of credential harvesting, obfuscation, or persistence. The requested tools (
Bash,Read,Edit,WebFetch) are appropriate for the skill's functionality as a document interpretation and research tool. - [PROMPT_INJECTION]: The skill possesses a surface for indirect prompt injection (Category 8) as it processes untrusted input from user-provided documents.
- Ingestion points:
SKILL.mdStep 1 (reading pasted text or file content). - Boundary markers: Absent.
- Capability inventory:
Bash(script execution),Read(local file access),WebFetch(network access for law research). - Sanitization: Absent (the script uses regex parsing but does not sanitize for instructions). This surface is considered safe within the context of the skill's specific purpose and the absence of high-privilege execution sinks.
Audit Metadata