healthcare-providers-extract

Pass

Audited by Gen Agent Trust Hub on May 15, 2026

Risk Level: SAFE
Full Analysis
  • [SAFE]: The skill implements a robust and transparent workflow for healthcare data extraction. It adheres to the principle of least privilege by defining an allowed-tools list and uses a dedicated memory architecture (~/.nimble/) to persist data without interfering with user project files.
  • [EXTERNAL_DOWNLOADS]: The skill documentation describes the installation of the @nimbleway/cli tool and the use of various Nimble web agents. These resources are provided by the skill's author (Nimbleway) and are necessary for the skill's core functionality, qualifying as safe vendor resources.
  • [PROMPT_INJECTION]: The skill processes untrusted content from external healthcare websites (Step 4, Page Extraction). While this creates a surface for indirect prompt injection, the risk is minimal as the instructions are focused on extracting specific, structured data fields (name, credentials, specialty, contact, education) rather than executing content from the pages.
  • Ingestion points: Untrusted data enters the context via the nimble extract command output in Step 4.
  • Boundary markers: The instructions do not specify explicit delimiters for the extracted markdown, which is a minor best-practice violation.
  • Capability inventory: The skill has access to Bash (nimble, cat, ls, mkdir, python3), file system operations (Write, Edit), and the Agent tool for sub-agent spawning.
  • Sanitization: No specific sanitization or filtering of the extracted web content is mentioned prior to parsing.
Audit Metadata
Risk Level
SAFE
Analyzed
May 15, 2026, 08:25 PM
Security Audit — agent-trust-hub — healthcare-providers-extract