hipaa-phi-inventory

Pass

Audited by Gen Agent Trust Hub on Jun 16, 2026

Risk Level: SAFE
Full Analysis
  • [SAFE]: The skill provides structured documentation and automated checks for HIPAA compliance with no evidence of malicious intent or hidden payloads.
  • [PROMPT_INJECTION]: Analysis of SKILL.md and supporting markdown files revealed no instructions attempting to bypass safety filters, override agent behavior, or extract system prompts.
  • [DATA_EXFILTRATION]: No network operations (curl, requests, etc.) or hardcoded credentials were found. The skill does not access sensitive local configuration paths like SSH keys or AWS credentials.
  • [REMOTE_CODE_EXECUTION]: The Python script in scripts/process.py relies exclusively on standard library modules (json, sys, datetime). It does not download external packages or execute remote code.
  • [COMMAND_EXECUTION]: There are no attempts to execute arbitrary shell commands, perform privilege escalation (sudo), or establish persistence on the host system.
  • [OBFUSCATION]: No Base64-encoded instructions, zero-width characters, or homoglyph-based deceptions were identified in the source files.
  • [DYNAMIC_EXECUTION]: The logic in the Python script is static and focuses on auditing structured JSON data; it contains no dangerous functions like eval(), exec(), or unsafe deserialization.
Audit Metadata
Risk Level
SAFE
Analyzed
Jun 16, 2026, 03:33 PM
Security Audit — agent-trust-hub — hipaa-phi-inventory