hipaa-audit
Pass
Audited by Gen Agent Trust Hub on Jun 13, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill exhibits a surface for indirect prompt injection as it is designed to process untrusted data during audits.\n
- Ingestion points: The skill is intended to audit external applications and infrastructure code using tools like Read, Grep, and Glob (defined in SKILL.md frontmatter).\n
- Boundary markers: There are no instructions defining explicit boundary markers or warnings to the agent to ignore instructions embedded in the analyzed data.\n
- Capability inventory: The skill has access to powerful tools such as Bash, Write, and WebSearch, which could be exploited if the agent follows instructions hidden in audited files.\n
- Sanitization: No sanitization or validation of the ingested data is specified in the audit instructions.
Audit Metadata