healthtech-advisor
Pass
Audited by Gen Agent Trust Hub on Jun 16, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: No security issues detected. The skill contains educational material, templates, and a benign Python script.
- [DATA_EXPOSURE]: The included script
phi_scope_checker.pyoperates locally on user-provided text files. It does not perform network operations, exfiltrate data, or access sensitive system directories. - [COMMAND_EXECUTION]: The skill instructions and workflows use a local Python script for keyword scanning. No unauthorized privilege escalation or dangerous shell command patterns were found.
- [INDIRECT_PROMPT_INJECTION]: While the
phi_scope_checker.pyscript processes untrusted user input (product descriptions), it uses static regular expressions for scanning and does not execute the input as code or pass it to an LLM prompt, effectively eliminating the risk of injection-based attacks.
Audit Metadata