legal-article-retrieval
Pass
Audited by Gen Agent Trust Hub on Jun 13, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill is a template for legal research and does not contain any executable code or malicious instructions.
- [PROMPT_INJECTION]: No evidence of prompt injection or safety bypass attempts was found. The skill uses directive language ('MUST', 'Strictly Prohibited') to ensure the agent adheres to factual legal sources and avoids hallucination.
- [CREDENTIALS_UNSAFE]: The README.md file contains a configuration template for an MCP server that uses standard placeholders like 'YOUR_TOKEN' and '{SERVICE_ID}'. It explicitly warns users not to commit actual credentials to repositories.
- [EXTERNAL_DOWNLOADS]: The skill mentions connecting to external legal databases via MCP. The primary example points to 'pkulaw.com', which is a well-known and established legal research service in China. This is documented neutrally as a configuration step for the user.
- [DATA_EXFILTRATION]: There are no commands or logic designed to harvest sensitive user files (such as SSH keys or environment variables) or send data to unauthorized external endpoints.
Audit Metadata