healthcare-providers-verify

Pass

Audited by Gen Agent Trust Hub on May 28, 2026

Risk Level: SAFE
Full Analysis
  • [SAFE]: No malicious patterns or security risks were identified. The skill follows standard operational procedures for healthcare provider credential verification using authoritative sources like the NPPES API.
  • [COMMAND_EXECUTION]: The skill utilizes Bash for local environment checks, date calculations, and interacting with the vendor's CLI tool. These operations are transparent, scoped to the skill's operational requirements, and used for legitimate data processing tasks such as parsing NPI records and updating session logs.
  • [EXTERNAL_DOWNLOADS]: Dependencies are limited to the vendor's official CLI package (@nimble-way/nimble-cli) and standard system utilities. Network activity is strictly directed toward official government registries (npiregistry.cms.hhs.gov) and well-known medical data providers.
  • [DATA_EXFILTRATION]: Data transmission is limited to authorized NPI registries and user-configured distribution channels (Notion or Slack) via MCP connectors. The skill adheres to privacy best practices by storing results in a local vendor-managed directory (~/.nimble/) and avoiding unauthorized data transmission.
Audit Metadata
Risk Level
SAFE
Analyzed
May 28, 2026, 07:02 AM
Security Audit — agent-trust-hub — healthcare-providers-verify