pydicom
Pass
Audited by Gen Agent Trust Hub on Feb 16, 2026
Risk Level: LOW (PROMPT_INJECTION)
Full Analysis
- [PROMPT_INJECTION] (LOW): Indirect Prompt Injection Surface. Extraction of metadata from untrusted DICOM files creates a risk where instructions embedded in medical tags (e.g., PatientComments) could influence the agent's behavior.
  - Ingestion points: scripts/extract_metadata.py (pydicom.dcmread).
  - Boundary markers: None present.
  - Capability inventory: File-system write via scripts/anonymize_dicom.py and scripts/dicom_to_image.py.
  - Sanitization: Value formatting is implemented, but no protection against natural language instructions exists.
- [DATA_PRIVACY] (INFO): The anonymization tool uses a static list of common PHI tags; however, medical data is highly sensitive and PHI may still exist in private vendor tags or burned-in image annotations not covered by the script.