deidentify
Pass
Audited by Gen Agent Trust Hub on May 5, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill implements strong security boundaries by using a local Python script to process sensitive data. It explicitly instructs the agent never to request or view raw PHI, ensuring compliance with data privacy standards like HIPAA.
- [DATA_EXFILTRATION]: No network-capable code or exfiltration patterns were detected in the Python script or instructions. The script uses standard libraries and operates strictly on local file paths.
- [REMOTE_CODE_EXECUTION]: The skill avoids dynamic code execution and remote script fetching. It relies on a well-documented local script (
deidentify.py) and standard dependencies likeopenpyxlfor Excel processing. - [CREDENTIALS_UNSAFE]: No hardcoded credentials or secrets are present. The skill uses dynamically generated seeds for date shifting and SHA-256 hashing for audit trails, following cryptographic best practices.
- [PROMPT_INJECTION]: The instructions contain clear safety guardrails and anti-hallucination rules that prevent the agent from attempting to bypass data privacy restrictions or fabricate information.
Audit Metadata