treatment-plans
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFE
Full Analysis
- [Command Execution] (SAFE): The documentation contains instructions for running standard LaTeX compilation tools such as xelatex and bibtex. These are appropriate for the skill's purpose of document generation.
- [Privilege Escalation] (LOW): The troubleshooting section in the documentation suggests using sudo tlmgr install to resolve missing LaTeX dependencies. This is a manual administrative action and does not involve automated privilege escalation within the scripts.
- [Data Exposure] (SAFE): The check_completeness.py script specifically searches for HIPAA compliance and de-identification notices, which aligns with security and privacy best practices for medical data.
- [File Access] (SAFE): The Python scripts use standard library functions to read and copy local template files within the skill's own directory structure.
- [Indirect Prompt Injection] (SAFE): The skill processes user-supplied LaTeX files via regex for validation but does not interpolate this data into prompts for LLM execution.
Audit Metadata