mdr-745-specialist
Pass
Audited by Gen Agent Trust Hub on Feb 16, 2026
Risk Level: LOW
PROMPT_INJECTION
Full Analysis
- Indirect Prompt Injection (LOW): The skill's primary function is to analyze untrusted external data such as technical documentation and clinical evidence provided by users for regulatory compliance assessment.
  - Ingestion points: Technical Documentation (Annex II/III) and Clinical Evidence (Annex XIV) as described in SKILL.md.
  - Boundary markers: Absent. The instructions do not provide delimiters to isolate external content from agent instructions.
  - Capability inventory: Capabilities are limited to regulatory reasoning and report generation. No subprocess calls, eval/exec, file-write, or network operations were found in the provided files (SKILL.md, scripts/example.py).
  - Sanitization: No sanitization or validation logic is present for external content.
- Incomplete Implementation (INFO): The skill package is currently a skeleton. While SKILL.md references several automation scripts for gap analysis and EUDAMED reporting, these files are missing from the bundle. The provided scripts/example.py is a non-functional placeholder.
Audit Metadata