mental-health-analyzer
Pass
Audited by Gen Agent Trust Hub on May 5, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [SAFE]: The skill demonstrates safe operational behavior by limiting its actions to local file reading and writing. It includes extensive disclaimers noting that it is not a medical professional and cannot provide diagnoses or prescriptions. No unauthorized network operations, hardcoded credentials, or obfuscated payloads were identified.
- [PROMPT_INJECTION]: The skill possesses a surface for indirect prompt injection because it ingests untrusted text from user-controlled mood diaries.
- Ingestion points: The skill reads daily mood logs from paths such as
data-example/mental-health-logs/YYYY-MM/YYYY-MM-DD.json. - Boundary markers: Instructions do not specify delimiters or techniques to isolate embedded instructions in the ingested logs.
- Capability inventory: The skill is restricted to
Read,Grep,Glob,Write, andEdittools. It lacks the ability to execute shell commands or access the network, which significantly mitigates the potential impact of an injection attack. - Sanitization: There is no evidence of input validation or content sanitization for the processed logs.
Audit Metadata