clinical-case-report
Pass
Audited by Gen Agent Trust Hub on May 8, 2026
Risk Level: SAFE
PROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill is designed to parse untrusted user input (a clinical brief) and incorporate that data into a generated HTML file, which constitutes a surface for indirect prompt injection if malicious instructions or scripts are embedded in the input brief.
- Ingestion points: Patient age, sex, chief complaint, and clinical narratives extracted from the user's prompt in Step 1.
- Boundary markers: Absent; the workflow does not instruct the agent to use delimiters or explicit 'ignore instructions' markers when processing the user's brief.
- Capability inventory: The skill possesses the capability to write a multi-section HTML document (index.html) using Step 6.
- Sanitization: Instructions do not explicitly mandate HTML escaping or sanitization of patient-provided narrative strings before they are interpolated into the artifact.
Audit Metadata