zh-ebn-report
Pass
Audited by Gen Agent Trust Hub on Apr 27, 2026
Risk Level: SAFE (flagged categories: COMMAND_EXECUTION, PROMPT_INJECTION)
Full Analysis
- [COMMAND_EXECUTION]: The skill uses subprocess.run to invoke the Quarto document rendering engine in src/zh_ebn_report/renderers/quarto.py. This is legitimate functionality used to convert the AI-generated markdown reports into final DOCX files. The execution uses controlled arguments and is restricted to the intended purpose of document generation.
- [PROMPT_INJECTION]: The skill handles external data from medical databases (such as paper abstracts) which is processed by multiple subagents. While this creates a surface for indirect prompt injection, the risk is mitigated by a modular architecture in which subagents are constrained by structured JSON output requirements and explicit formatting rules.
- [SAFE]: The skill incorporates a robust de-identification utility (src/zh_ebn_report/utils/deid.py) designed to identify and flag sensitive personal data, such as Taiwan ID numbers and medical record numbers, before they can be included in a report. Furthermore, the skill enforces ethical AI usage through mandatory user audit checkpoints and disclosure templates.
Audit Metadata