Back to skill

Security audit

Fhir Upstream Proxy

Security checks across malware telemetry and agentic risk

Overview

This is a documented FHIR proxy guidance skill for guarded EHR access, with sensitive but disclosed healthcare write capability.

Install only if you understand the target FHIR server and access mode. Use sandbox endpoints by default, verify any production configuration, and require explicit human approval before enabling operations that create, update, or delete clinical records.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (1)

Missing User Warnings

Medium
Confidence
91% confidence
Finding
The skill explicitly states that write operations are validated locally and then forwarded to an upstream FHIR server, but it does not include a clear warning that these actions may modify real external clinical systems. In the context of production EHR proxying, this omission increases the risk that an agent or user treats the skill like a safe sandbox and unintentionally creates, updates, or deletes live healthcare data.

VirusTotal

64/64 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.