israeli-small-claims-court

Pass

Audited by Gen Agent Trust Hub on Jun 12, 2026

Risk Level: SAFEPROMPT_INJECTIONCOMMAND_EXECUTION
Full Analysis
  • [PROMPT_INJECTION]: Indirect Prompt Injection Surface. The skill is designed to ingest untrusted user data (dispute details and claim amounts) and incorporate them into agent responses and tool calls. \n
  • Ingestion points: User descriptions of legal disputes and specific claim amounts (e.g., Examples 1-4 in SKILL.md). \n
  • Boundary markers: Absent. The instructions do not define delimiters or provide 'ignore embedded instructions' warnings for the data being processed. \n
  • Capability inventory: The skill directs the agent to execute a local shell command (python scripts/filing-fee-calculator.py --amount [value]) which is a sensitive capability in certain agent environments. \n
  • Sanitization: Absent. There is no instruction to sanitize or validate the user input before it is interpolated into the command line. \n- [COMMAND_EXECUTION]: Local Script Execution. The skill includes a Python script (scripts/filing-fee-calculator.py) intended to be run locally by the agent to compute court fees. The script itself is safe and uses standard libraries, but its execution with user-provided arguments creates a potential command injection vector if the agent does not properly escape the input. \n- [SAFE]: External References. The skill links to authoritative Israeli government websites (gov.il), legal databases (kolzchut.org.il, nevo.co.il), and vendor-provided MCP servers (agentskills.co.il). These references are appropriate for the skill's purpose and originate from trusted or vendor-controlled domains.
Audit Metadata
Risk Level
SAFE
Analyzed
Jun 12, 2026, 08:36 PM
Security Audit — agent-trust-hub — israeli-small-claims-court