fhir-hl7-validator
Pass
Audited by Gen Agent Trust Hub on Feb 21, 2026
Risk Level: SAFENO_CODEPROMPT_INJECTION
Full Analysis
- No Code (SAFE): The skill is comprised of Markdown documentation and JSON configuration files only. No executable scripts (Python, JS, Bash) or binaries are included, which eliminates the risk of direct malicious code execution from the skill itself.
- Indirect Prompt Injection (LOW): The skill is designed to ingest and process untrusted healthcare data, which creates a potential surface for indirect prompt injection.
- Ingestion points: Commands like
validate-fhirandbulk-validateinSKILL.mdtarget external files and directories. - Boundary markers: Absent; the instructions do not require the agent to use delimiters to isolate data from its instructions.
- Capability inventory: Includes reading local files and potentially performing network lookups for terminology validation.
- Sanitization: No sanitization or escaping instructions are provided for the ingested data.
- Metadata (SAFE): The metadata in
agent-skills.jsonandSKILL.mdis descriptive and consistent with the tool's healthcare validation purpose, with no signs of deceptive poisoning.
Audit Metadata