hipaa-compliance

Pass

Audited by Gen Agent Trust Hub on Feb 17, 2026

Risk Level: SAFE
Full Analysis
  • [Prompt Injection] (SAFE): No instructions were found that attempt to override agent behavior, bypass safety filters, or extract system prompts. The language is purely instructional and technical.
  • [Data Exposure & Exfiltration] (SAFE): No hardcoded credentials, sensitive system file paths, or unauthorized network operations were detected. The hashing (SHA-256 and MD5) and encryption examples are correctly applied for data masking and de-identification within a healthcare context.
  • [Obfuscation] (SAFE): The content is clear and readable. No Base64, zero-width characters, homoglyphs, or other obfuscation techniques were identified.
  • [Unverifiable Dependencies & Remote Code Execution] (SAFE): No external package installations or remote script execution patterns (e.g., curl | bash) were found. The code relies on standard library functions.
  • [Indirect Prompt Injection] (SAFE): While the skill logic is designed to process untrusted data (patient records), it lacks any capabilities that would make it exploitable. Ingestion points: Functions like scan_for_phi, deidentify_record, and filterPHIResponse process input data. Boundary markers: None present, as these are isolated code snippets. Capability inventory: The skill contains no subprocess calls, network access, or file-writing capabilities. Sanitization: The examples explicitly demonstrate sanitization through regex detection and role-based access control.
Audit Metadata
Risk Level: SAFE
Analyzed: Feb 17, 2026, 06:46 PM