insurance-underwriting-medical-assessment
Pass
Audited by Gen Agent Trust Hub on Jun 29, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [INDIRECT_PROMPT_INJECTION]: The skill processes untrusted external data in the form of medical reports, pathology records, and images via OCR. This presents a potential surface for indirect prompt injection if malicious instructions are embedded in the analyzed documents.\n
- Ingestion points: Medical materials (physical reports, images, digital text) provided by the insured person in Step 2 of the workflow.\n
- Boundary markers: The instructions do not define explicit delimiters (e.g., XML tags) to wrap the extracted OCR text to separate data from instructions.\n
- Capability inventory: The agent can call specialized MCP tools (
ocr-service,medical-kb,underwriting-system) and is instructed to write audit logs to theaudit/directory.\n - Sanitization: The provided Python script (
scripts/validate_input.py) performs basic field presence validation but does not sanitize content for command or prompt injection patterns.\n- [PERSISTENCE_MECHANISMS]: The skill instructions specify that an audit log should be generated in theaudit/directory for every execution. While typical for professional auditing tools, this involves local file system write operations.
Audit Metadata