hitech-act-privacy
Pass
Audited by Gen Agent Trust Hub on Jun 16, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill's primary function is educational and diagnostic, providing a structured way to evaluate HIPAA/HITECH violations and business associate liability.
- [COMMAND_EXECUTION]: The Python script
scripts/process.pyuses standard conditional logic and arithmetic to calculate penalty ranges and assess compliance status. It does not useeval(),exec(), or any subprocess-related functions that could lead to command injection. - [DATA_EXFILTRATION]: There are no network operations (e.g.,
requests,curl,wget) or access to sensitive local file paths (e.g.,.env,.ssh). All processing is performed locally on the data provided to the functions. - [EXTERNAL_DOWNLOADS]: No external packages or remote scripts are referenced or installed. The skill relies only on Python's standard library (
json,os,datetime). - [PROMPT_INJECTION]: No instructional overrides, role-play prompts, or system prompt extraction patterns were detected in the markdown content or metadata.
- [DYNAMIC_CONTEXT_INJECTION]: The skill does not utilize the
!commandsyntax for dynamic content injection inSKILL.md.
Audit Metadata