clinical-reports

Pass

Audited by Gen Agent Trust Hub on Mar 3, 2026

Risk Level: SAFE
Full Analysis
  • [PROMPT_INJECTION]: The skill instructions do not contain any patterns intended to bypass AI safety filters or override system-level instructions. The instructions are focused on adherence to medical reporting standards like CARE and ICH-E3.
  • [DATA_EXPOSURE_AND_EXFILTRATION]: No hardcoded credentials or unauthorized data transmission logic were detected. The skill actively promotes data privacy through scripts/check_deidentification.py, which helps detect and remove sensitive HIPAA identifiers from reports.
  • [OBFUSCATION]: The documentation and source code are provided in plain text without any use of Base64, zero-width characters, or other masking techniques.
  • [UNVERIFIABLE_DEPENDENCIES_AND_REMOTE_CODE_EXECUTION]: All included scripts utilize standard Python library modules (e.g., re, json, csv). There are no external package installations or remote code execution patterns present.
  • [PRIVILEGE_ESCALATION]: No commands related to privilege escalation, such as sudo or excessive chmod operations, were identified in the skill scripts or instructions.
  • [PERSISTENCE_MECHANISMS]: The skill does not attempt to modify system configuration files or establish any form of persistence on the host system.
  • [METADATA_POISONING]: The skill metadata correctly identifies the author and purpose, with no hidden instructions or deceptive descriptions found in the frontmatter or README files.
  • [INDIRECT_PROMPT_INJECTION]: The skill handles clinical data processed through files. While it lacks explicit delimiters for data boundaries, its specialized focus on structured templates and regulatory checklists minimizes the surface for accidental instruction following from processed data.
  • [TIME_DELAYED_CONDITIONAL_ATTACKS]: The logic in the provided automation scripts is straightforward and does not contain any conditional triggers based on time, date, or environment variables.
  • [DYNAMIC_EXECUTION]: No usage of eval(), exec(), or runtime compilation of generated code was found. The Python scripts perform static pattern matching and file operations only.
Audit Metadata
Risk Level: SAFE
Analyzed: Mar 3, 2026, 08:47 PM