ai-analyzer
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFE
Full Analysis
- [Data Exposure] (LOW): The skill reads highly sensitive health-related files including medications.json, allergies.json, and index.json. This behavior is expected given the skill's primary function of health risk prediction, and no network exfiltration patterns were identified.
- [Indirect Prompt Injection] (LOW): There is an attack surface for indirect prompt injection, as the skill processes external health data files.
  - Ingestion points: Reads data from data/*.json and data-example/*.json (e.g., fitness, sleep, and nutrition trackers).
  - Boundary markers: No delimiters or warnings to ignore embedded instructions are present in the processing logic.
  - Capability inventory: The skill uses the Read, Grep, Glob, and Write tools.
  - Sanitization: No explicit sanitization or validation of the input data is described before processing.
- [Command Execution] (SAFE): While Step 8 of the execution instructions mentions running a Python script (scripts/generate_ai_report.py), the allowed-tools header correctly limits the agent to file operations (Read, Grep, Glob, Write), effectively preventing the execution of arbitrary scripts or commands unless a Python execution tool is separately provided by the environment.
Audit Metadata