pydicom
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- Indirect Prompt Injection (LOW): The skill parses untrusted DICOM files, creating a surface where malicious instructions hidden in metadata could influence an agent's behavior. \n
- Ingestion points:
extract_metadata.pyreads metadata tags directly from DICOM files usingpydicom. \n - Boundary markers: Absent; metadata is displayed or saved without delimiters or instructions to ignore embedded content. \n
- Capability inventory: File system write access is available in
anonymize_dicom.pyanddicom_to_image.py. \n - Sanitization: The skill lacks sanitization of metadata values before they are presented to the agent.
Audit Metadata