clinical-trial-schema-designer
Warn
Audited by Gen Agent Trust Hub on Feb 15, 2026
Risk Level: MEDIUM (PROMPT_INJECTION)
Full Analysis
- [PROMPT_INJECTION] (MEDIUM): High susceptibility to Indirect Prompt Injection.
  - Ingestion points: The protocol_text field in skill.yaml accepts raw text from external clinical protocols.
  - Boundary markers: Absent. The skill lacks instructions for the agent to distinguish between valid protocol data and malicious instructions embedded in the text.
  - Capability inventory: The skill claims to generate SQL and Pydantic schemas. While the provided files do not contain execution scripts, the generated output is intended for use in data pipelines.
  - Sanitization: No sanitization or validation of the input text is described.