clinical-reports

Pass

Audited by Gen Agent Trust Hub on Feb 17, 2026

Risk Level: SAFE
Full Analysis
  • [Prompt Injection] (SAFE): No instructions attempting to override agent behavior, bypass safety filters, or extract system prompts were detected in the templates or metadata.
  • [Data Exposure & Exfiltration] (SAFE): The skill handles clinical data locally. There are no network-capable functions (e.g., requests, socket) or hardcoded credentials identified in the scripts or templates.
  • [Unverifiable Dependencies & Remote Code Execution] (SAFE): All provided Python scripts utilize only standard libraries (argparse, json, re, shutil, pathlib, csv). No external package installations or remote script executions (e.g., curl|bash) are present.
  • [Indirect Prompt Injection] (SAFE): While the validation scripts (e.g., compliance_checker.py, extract_clinical_data.py) ingest user-provided clinical reports as input files, the processing is limited to static regular expression matching for information extraction, with no dynamic code execution or interpolation into risky tool calls.
Audit Metadata
  • Risk Level: SAFE
  • Analyzed: Feb 17, 2026, 04:55 PM