rct-appraisal

Pass

Audited by Gen Agent Trust Hub on Feb 17, 2026

Risk Level: SAFE
PROMPT_INJECTION
Full Analysis
  • [PROMPT_INJECTION] (LOW): The skill is designed to ingest and process external clinical research data, representing an attack surface for indirect prompt injection (Category 8).
      • Ingestion points: Untrusted RCT research papers and trial datasets (referenced in VALIDATION_SUMMARY.md).
      • Boundary markers: None identified in the provided documentation; no explicit delimiters or instructions to ignore embedded commands are described.
      • Capability inventory: Numerical calculations and quality scoring logic are executed via local Python scripts (effect_size_calculator.py, grade_calculator.py).
      • Sanitization: No evidence of input validation or sanitization of clinical data is present in the analyzed files.
  • [EXTERNAL_DOWNLOADS] (SAFE): The requirements.txt file specifies standard, reputable Python packages from PyPI (pandas, numpy, scipy, statsmodels, pyyaml, jinja2, matplotlib, seaborn, click, rich) with version pinning, which is standard practice for scientific computing.
Audit Metadata
Risk Level: SAFE
Analyzed: Feb 17, 2026, 06:29 PM