hipaa-audit-helper
Pass
Audited by Gen Agent Trust Hub on Feb 16, 2026
Risk Level: LOWNO_CODE
Full Analysis
- [No Code] (SAFE): The provided skill file contains only Markdown documentation and YAML frontmatter. No scripts, executable code, or installation commands are present in the skill definition.
- [Category 8] (INFO): Indirect Prompt Injection Surface. The skill requests 'Bash' and 'Write' permissions, which are powerful capabilities. However, since the skill is currently documentation-only and lacks logic to ingest or process untrusted external data, there is no active vulnerability. Users should ensure that any future scripts added to this skill sanitize inputs before passing them to the 'Bash' tool.
- [Category 7] (INFO): Metadata evaluation. The metadata (name, description, author) appears legitimate and consistent with the stated purpose of assisting with compliance audits.
Audit Metadata