digital-health-clinical-asr-eval

Pass

Audited by Gen Agent Trust Hub on Jun 18, 2026

Risk Level: SAFEDATA_EXFILTRATIONCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
  • [DATA_EXFILTRATION]: The skill transcribes audio clips by sending them to grpc.nvcf.nvidia.com. This is a disclosed operation targeting a well-known service infrastructure.
  • [COMMAND_EXECUTION]: The skill includes Python scripts in the references/ directory for audio transcription and metric scoring. These scripts use standard libraries and are intended to be run by the agent using its local tools.
  • [PROMPT_INJECTION]: The skill processes untrusted text from manifest.jsonl files as transcription references. Analysis of the capability tier and sanitization logic (normalization and regex-based filtering) indicates this surface is handled safely.
  • [SAFE]: The skill implements integrity verification via a digital signature bundle (skill.oms.sig) and provides clear safety disclosures and workflow routing to help users avoid common pitfalls.
Audit Metadata
Risk Level
SAFE
Analyzed
Jun 18, 2026, 04:34 PM
Security Audit — agent-trust-hub — digital-health-clinical-asr-eval