hitech-act-privacy

Pass

Audited by Gen Agent Trust Hub on Jun 16, 2026

Risk Level: SAFE
Full Analysis
  • [SAFE]: The skill's primary function is educational and diagnostic, providing a structured way to evaluate HIPAA/HITECH violations and business associate liability.
  • [COMMAND_EXECUTION]: The Python script scripts/process.py uses standard conditional logic and arithmetic to calculate penalty ranges and assess compliance status. It does not use eval(), exec(), or any subprocess-related functions that could lead to command injection.
  • [DATA_EXFILTRATION]: There are no network operations (e.g., requests, curl, wget) or access to sensitive local file paths (e.g., .env, .ssh). All processing is performed locally on the data provided to the functions.
  • [EXTERNAL_DOWNLOADS]: No external packages or remote scripts are referenced or installed. The skill relies only on Python's standard library (json, os, datetime).
  • [PROMPT_INJECTION]: No instructional overrides, role-play prompts, or system prompt extraction patterns were detected in the markdown content or metadata.
  • [DYNAMIC_CONTEXT_INJECTION]: The skill does not utilize the !command syntax for dynamic content injection in SKILL.md.
Audit Metadata
Risk Level
SAFE
Analyzed
Jun 16, 2026, 03:33 PM
Security Audit — agent-trust-hub — hitech-act-privacy