healthcare-providers-verify
Pass
Audited by Gen Agent Trust Hub on Apr 21, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill communicates with well-known and official government services like the NPPES API (npiregistry.cms.hhs.gov) for medical credential verification.
- [COMMAND_EXECUTION]: Performs local system operations using python3 for date calculations and the nimble CLI for legitimate data retrieval tasks.
- [EXTERNAL_DOWNLOADS]: References the @nimbleway/cli package for installation, which is a verified resource owned by the skill author.
- [PROMPT_INJECTION]: The skill has an indirect prompt injection surface through its ingestion of practitioner data from external sources (CSV, Google Sheets, or pasted text) as seen in SKILL.md Step 1. Boundary markers: Absent for raw input data. Capability inventory: Subprocess calls, file system writes, and sub-agent spawning for parallel research. Sanitization: Implemented via data normalization logic and structured cross-referencing against official NPI records. The risk is assessed as low given the scoped verification context.
Audit Metadata