ai-agent-compliance-controls
Pass
Audited by Gen Agent Trust Hub on Jun 15, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill is entirely focused on providing defensive security and compliance frameworks. It defines structures for audit log integrity using hash chains, data classification, and multi-tenant isolation.
- [EXTERNAL_DOWNLOADS]: The skill references several well-known technology and cloud services (e.g., AWS Bedrock, GCP Vertex AI, Azure OpenAI, OpenAI, Cloudflare) in the context of compliance and BAA (Business Associate Agreement) evaluation. These are documented as trusted industry standard services.
- [COMMAND_EXECUTION]: The skill contains various Python and SQL code snippets. These are presented as reference implementations for building compliance automation tools (such as evidence collectors and integrity verifiers) and do not contain logic for executing unauthorized or dangerous commands.
- [DATA_EXFILTRATION]: No data exfiltration patterns were found. The skill actively teaches data redaction and encryption techniques for audit logs to prevent the accidental exposure of sensitive information like PII or PHI.
- [PROMPT_INJECTION]: The instructions do not contain any attempt to bypass agent safety filters or override system instructions. Instead, they provide guidance on implementing prompt-injection scanners and safety guards for clinical AI workflows.
Audit Metadata