Back to skill

Security audit

Litigation Docs Generator

Security checks across malware telemetry and agentic risk

Overview

This legal-document skill is mostly coherent, but it should be reviewed because it handles sensitive legal/financial documents and external lookups without clear privacy and consent boundaries.

Install only if you are comfortable giving the skill sensitive litigation facts, signed contract contents, lawyer and client details, and law-firm payment information. Before use, confirm which legal databases are connected, avoid uploading unnecessary signed or financial documents, and review any custom template conversion before it is reused.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • MCP Tool PoisoningHidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (4)

Description-Behavior Mismatch

Medium
Confidence
92% confidence
Finding
The skill says uploaded custom contracts can be converted into a YAML template and used to replace `references/retainer_agreement_template.md`, which turns untrusted user content into system instructions/templates. That creates an instruction/data boundary violation and can let uploaded content alter downstream generation behavior in ways not disclosed by the earlier documentation.

Intent-Code Divergence

Medium
Confidence
89% confidence
Finding
The skill claims all documents are strictly driven by trusted `references/` templates, but later allows those templates to be replaced from uploaded files. This contradiction weakens trust assumptions and opens a path for adversarial or malformed uploaded content to influence document generation under the guise of trusted local templates.

Missing User Warnings

Medium
Confidence
95% confidence
Finding
The skill actively solicits signed retainer contracts and custom templates, which commonly contain highly sensitive personal, legal, and financial information, but provides no clear privacy warning or handling notice. Users may disclose identity documents, signatures, addresses, bank account details, and privileged legal matter details without informed consent about processing or retention.

Missing User Warnings

Medium
Confidence
94% confidence
Finding
The skill states that enterprise information and legal database lookups may be performed automatically based on party information, but it does not clearly warn users that case-related identifiers may be sent to external legal or enterprise databases. In a litigation context, even company-party queries can reveal confidential dispute preparation, counterparties, or case strategy to third-party services.

VirusTotal

VirusTotal findings are pending for this skill version.

View on VirusTotal

Static analysis

No suspicious patterns detected.