travel-health-analyzer
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- Prompt Injection (LOW): The skill is susceptible to Indirect Prompt Injection (Category 8) because it processes external data from JSON files that could contain malicious instructions.
- Ingestion points: Ingests user-provided health and travel data from
data/travel-health-tracker.json. - Boundary markers: Absent. The skill does not use delimiters or instructions to ignore embedded commands within the processed data.
- Capability inventory: The skill has
Read,Write,Grep, andGlobpermissions, which could be abused to access or overwrite other local files if the agent is compromised via data injection. - Sanitization: Absent. There is no evidence of input validation or sanitization for the data being read.
- Data Exposure (SAFE): The skill handles sensitive Personal Health Information (PHI), including medication history, allergies, and potentially passport details. While no exfiltration patterns were detected, the storage of this data in plaintext JSON files constitutes a privacy risk if the environment is not secured.
Audit Metadata