wellally-tech
Pass
Audited by Gen Agent Trust Hub on May 14, 2026
Risk Level: SAFEPROMPT_INJECTIONEXTERNAL_DOWNLOADS
Full Analysis
- [PROMPT_INJECTION]: The skill ingests health data from various external sources like XML, CSV, and JSON files, which creates a surface for indirect prompt injection where malicious text in the data could influence the agent's analysis.
- Ingestion points: Data ingestion occurs via the import of Apple Health ZIP exports, Fitbit/Oura API responses, and user-provided CSV/JSON files.
- Boundary markers: There are no specific delimiters or instructions provided to the agent to treat the imported health data as untrusted content.
- Capability inventory: The skill utilizes file system tools and executes python scripts to process and save health data.
- Sanitization: The documentation mentions basic data validation for types and ranges but lacks sanitization for potential prompt injection content.
- [EXTERNAL_DOWNLOADS]: The skill connects to the WellAlly.tech platform and external health APIs (Fitbit, Oura) to fetch health articles and synchronize user records. These operations are required for the skill's primary functionality.
Audit Metadata