insurance-underwriting-medical-assessment

Pass

Audited by Gen Agent Trust Hub on Jun 29, 2026

Risk Level: SAFEPROMPT_INJECTION
Full Analysis
  • [INDIRECT_PROMPT_INJECTION]: The skill processes untrusted external data in the form of medical reports, pathology records, and images via OCR. This presents a potential surface for indirect prompt injection if malicious instructions are embedded in the analyzed documents.\n
  • Ingestion points: Medical materials (physical reports, images, digital text) provided by the insured person in Step 2 of the workflow.\n
  • Boundary markers: The instructions do not define explicit delimiters (e.g., XML tags) to wrap the extracted OCR text to separate data from instructions.\n
  • Capability inventory: The agent can call specialized MCP tools (ocr-service, medical-kb, underwriting-system) and is instructed to write audit logs to the audit/ directory.\n
  • Sanitization: The provided Python script (scripts/validate_input.py) performs basic field presence validation but does not sanitize content for command or prompt injection patterns.\n- [PERSISTENCE_MECHANISMS]: The skill instructions specify that an audit log should be generated in the audit/ directory for every execution. While typical for professional auditing tools, this involves local file system write operations.
Audit Metadata
Risk Level
SAFE
Analyzed
Jun 29, 2026, 06:40 AM
Security Audit — agent-trust-hub — insurance-underwriting-medical-assessment