dala-care-api
Warn
Audited by Gen Agent Trust Hub on Feb 18, 2026
Risk Level: MEDIUMEXTERNAL_DOWNLOADS
Full Analysis
- EXTERNAL_DOWNLOADS (MEDIUM): The installation command 'npx skills add' references a GitHub repository (careverk/dala-skills) that is not included in the trusted sources list. This allows for the execution of unverified code during the skill installation process.
- DATA_EXFILTRATION (LOW): The skill performs network operations to non-whitelisted domains (api.eu.dala.care and api.us.dala.care). While these are consistent with the primary purpose of the skill, they represent external data flow of sensitive healthcare information.
- INDIRECT_PROMPT_INJECTION (LOW): The skill processes potentially untrusted data from the Dala Care API which could contain malicious instructions meant to influence the agent. 1. Ingestion points: GraphQL API responses containing care plans and client profiles. 2. Boundary markers: Documentation does not mention delimiters or warnings for processed data. 3. Capability inventory: The skill can create, modify, or cancel care plans and visits. 4. Sanitization: No sanitization methods are documented for external data ingestion.
Audit Metadata