occupational-health-analyzer
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFE
Full Analysis
- [PROMPT_INJECTION] (SAFE): The instructions focus exclusively on occupational health analysis and risk scoring. It includes explicit medical safety boundaries ('Medical Safety Boundary') and no patterns for bypassing safety filters or overriding system instructions were found.
- [DATA_EXFILTRATION] (SAFE): Although the skill reads health-related JSON data from a local directory, it does not utilize any network tools (curl, wget) or external endpoints, ensuring data remains within the local environment.
- [COMMAND_EXECUTION] (SAFE): The skill requests standard file system tools (Read, Grep, Glob, Write, Edit) to process data. It does not attempt to execute shell commands, manage services, or modify system-level configurations.
- [INDIRECT_PROMPT_INJECTION] (SAFE): The skill ingests data from local JSON trackers, representing a potential attack surface. However, the risk is negligible because the skill lacks the capabilities (network or shell access) required to exploit injected instructions.
- Ingestion points: Reads files like
data-example/occupational-health-tracker.json. - Boundary markers: None; data is processed via scoring logic.
- Capability inventory: Limited to file read/write operations.
- Sanitization: Basic structure validation is performed, but no deep sanitization of content is specified.
Audit Metadata