family-health-analyzer
Pass
Audited by Gen Agent Trust Hub on Apr 10, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill's behavior is consistent with its stated purpose of health data analysis and visualization.
- [DATA_EXFILTRATION]: The skill reads sensitive health data files (e.g., 'data/profile.json' and 'data/family-health-tracker.json'). This access is necessary for the primary function of genetic risk assessment, and no evidence of data exfiltration or unauthorized network operations was found.
- [PROMPT_INJECTION]: The skill ingests data from local JSON files, which represents a potential surface for indirect prompt injection. 1. Ingestion points: 'data/family-health-tracker.json', 'data/hypertension-tracker.json', 'data/diabetes-tracker.json', 'data/profile.json'. 2. Boundary markers: Absent. 3. Capability inventory: Read, Write, Grep, Glob. 4. Sanitization: Absent. However, the data is processed for statistical weighting and ECharts visualization rather than direct instruction interpolation, posing a negligible security risk.
Audit Metadata