assess-hipaa
Pass
Audited by Gen Agent Trust Hub on Mar 5, 2026
Risk Level: SAFE PROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection because it interpolates user-provided input ($ARGUMENTS) directly into the prompt for the sub-agent without sanitization or boundary markers. An attacker could provide input containing instructions to override the agent's behavior.
  - Ingestion points: The $ARGUMENTS variable in SKILL.md receives the user-supplied scope description.
  - Boundary markers: No delimiters (such as triple quotes, XML tags, or explicit markers) are used to isolate user input from the rest of the system prompt.
  - Capability inventory: The skill is authorized to use the Task and Skill tools and loads multiple external modules (hipaa-compliance, data-classification, security-frameworks).
  - Sanitization: The input is interpolated directly into the sub-agent prompt without any validation, escaping, or filtering.
Audit Metadata