insurance-agent-health-disclosure-guide
Pass
Audited by Gen Agent Trust Hub on Jun 29, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill integrates with legitimate services and libraries (
dashscope,agentscope) consistent with the author's profile. - [SAFE]: Detailed compliance constraints are present, explicitly prohibiting the induction of concealment and mandating the protection of sensitive customer data through anonymization.
- [PROMPT_INJECTION]: Evaluated for indirect prompt injection surface.
- Ingestion points: Untrusted data enters via the
customer_health_infoparameter defined in the workflow and processed inSKILL.md. - Boundary markers: No explicit delimiters are specified for the interpolation of user health data.
- Capability inventory: The skill instructions reference file-writing operations for audit logs in the
audit/directory as described inSKILL.md. - Sanitization: Input is validated for structural completeness by
scripts/validate_input.py, but semantic sanitization of the health information content is not performed. - [COMMAND_EXECUTION]: The skill documentation includes a requirement for generating audit logs to a local directory (
audit/). This is an expected feature for professional financial tools to maintain a compliance trail.
Audit Metadata