Skills
skills/imagingdatacommons/idc-claude-skill/imaging-data-commons/Gen Agent Trust Hub

imaging-data-commons

Pass

Audited by Gen Agent Trust Hub on May 13, 2026

Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADS
Full Analysis
  • [COMMAND_EXECUTION]: The skill includes an automated setup block in SKILL.md that uses subprocess.run to ensure the idc-index Python package is installed and pinned to the correct version required for the current data release.
  • [COMMAND_EXECUTION]: The test suite (tests/test_bq_snippets.py) uses subprocess.run to invoke the Google Cloud bq CLI for dry-run validation of the SQL snippets provided in the documentation.
  • [EXTERNAL_DOWNLOADS]: The skill interacts with public cloud storage buckets on Google Cloud Storage (storage.googleapis.com) and AWS S3 (s3.amazonaws.com) to retrieve DICOM imaging data.
  • [EXTERNAL_DOWNLOADS]: The skill references official DICOMweb and BigQuery endpoints provided by the National Cancer Institute and Google Cloud for metadata access.
  • [SAFE]: The skill documentation and logic are highly transparent, explicitly stating that no user credentials or sensitive environment variables are accessed. It relies on standard system-level authentication for optional GCP services.
Audit Metadata
Risk Level
SAFE
Analyzed
May 13, 2026, 05:17 AM