emergency-card
Warn
Audited by Gen Agent Trust Hub on Mar 21, 2026
Risk Level: MEDIUM
COMMAND_EXECUTION, EXTERNAL_DOWNLOADS, DATA_EXFILTRATION, PROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill instructs the agent to run a local Python script (scripts/generate_emergency_card.py) to generate the medical cards. Since the content of this script is not included in the skill definition, it represents an unverified execution path that could perform arbitrary actions on the host system.
- [EXTERNAL_DOWNLOADS]: The HTML output format utilizes external CDNs (Tailwind CSS and Lucide Icons). Opening the generated medical cards in a browser will trigger network requests to these third-party services, which could potentially be used for basic tracking or metadata leakage.
- [DATA_EXFILTRATION]: The skill accesses highly sensitive personal information, including names, medical diagnoses, medications, and emergency contacts. While the intended use is local card generation, the combination of sensitive data access and the capability to execute unverified scripts creates a high-risk surface for potential data exfiltration.
- [PROMPT_INJECTION]: The skill processes untrusted data from multiple health-related JSON files (e.g., surgical notes, medication instructions) without explicit sanitization or boundary markers. Maliciously crafted content within these data files could attempt an indirect prompt injection to influence the agent's summary or the generated card's content.
Audit Metadata