abridge-security-basics
Pass
Audited by Gen Agent Trust Hub on Apr 8, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill provides defensive code examples for enforcing TLS 1.3 and ensuring certificate validation for API communication.
- [SAFE]: Implements a proactive audit logging mechanism in src/security/audit-logger.ts that includes regex-based detection to prevent PII/PHI (such as SSNs or MRNs) from being accidentally logged.
- [SAFE]: Promotes secure secret management by explicitly instructing against hardcoded credentials and providing implementation examples for Google Cloud Secret Manager.
- [SAFE]: Defines a robust Role-Based Access Control (RBAC) matrix to help implement the principle of least privilege within the integration environment.
- [SAFE]: References official and well-known documentation from the Department of Health and Human Services (HHS) and Abridge's official security pages.
Audit Metadata