digital-health-compliance-planning
Pass
Audited by Gen Agent Trust Hub on Mar 23, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill consists of guidance instructions and does not contain any malicious patterns such as prompt injection, obfuscation, or persistence mechanisms.
- [COMMAND_EXECUTION]: The instructions direct the agent to generate a compliance report and save it to
docs/planning/compliance-brief.md. This is a standard project documentation task and does not constitute unauthorized command execution. - [DATA_EXFILTRATION]: While the skill helps plan for the handling of sensitive health data, it does not include logic to access local sensitive files or environment variables, nor does it perform network operations for data exfiltration.
- [SAFE]: Ingestion points: The skill processes user-supplied information about a product's purpose and data handling. Boundary markers: Absent. Capability inventory: Writing a markdown file to the local repository. Sanitization: Absent. The interaction represents a routine documentation task for a project-based agent and presents no unique security risk.
Audit Metadata