dicom-metadata-extract

Pass

Audited by Gen Agent Trust Hub on Jun 12, 2026

Risk Level: SAFE
Full Analysis
  • [SAFE]: No security issues were detected. The skill performs standard metadata extraction from DICOM files and emits structured JSON. It does not perform network operations or require elevated privileges.
  • [INDIRECT_PROMPT_INJECTION]: The skill exhibits an indirect prompt injection surface through the processing of untrusted DICOM data.
  • Ingestion points: File input provided via the dicom_path argument in scripts/extract_metadata.py.
  • Boundary markers: No specific delimiters or safety warnings are included in the generated output to isolate metadata values.
  • Capability inventory: The skill is permitted to use the Bash tool per the SKILL.md frontmatter, but its own implementation is restricted to local file reading and JSON output.
  • Sanitization: Data is sanitized via type conversion in _safe_str and standard JSON encoding via json.dumps before being returned.
  • [COMMAND_EXECUTION]: The skill's test suite (tests/test_basic.py) invokes subprocess.run to call the Python script. This execution is confined to testing the skill's CLI interface with predefined arguments and does not pose a threat to the user environment.
Audit Metadata
Risk Level
SAFE
Analyzed
Jun 12, 2026, 07:42 PM
Security Audit — agent-trust-hub — dicom-metadata-extract