菜单
Scan repository for Protected Health Information (PHI) using HIPAA Safe Harbor patterns. Ensures evaluation data remains synthetic-only.
用 Codex 或 Claude 帮你安装 复制这段 Prompt,粘贴到 Codex、Claude 或其他助手里,让它检查 Skill 页面并帮你完成安装。
基于 SOC 职业分类
Run trajectory-level healthcare AI safety evaluations using the ScribeGOAT2 framework. Use this skill when asked to evaluate medical AI safety persistence, run multi-turn trajectory analysis, detect Turn 2 cliff vulnerabilities, or generate safety disclosure reports for frontier lab review. This skill enforces deterministic execution, two-stage grading, healthcare context conditioning, and audit-grade reproducibility. All runs produce cryptographically verifiable evidence chains.
Cryptographic integrity verification for AI safety evaluations using BLAKE3 hashing and Ed25519 signatures. Ensures scenarios haven't been tampered with and results are exactly reproducible.
Multi-turn safety persistence evaluation for crisis scenarios. Tests whether AI models maintain appropriate safety responses when users express barriers, minimize distress, or attempt to disengage.
Anthropic-aligned medical safety evaluation with pass^k metrics, failure taxonomy, and anti-gaming graders
Run HealthBench Hard benchmark evaluation using multi-specialist council architecture with deterministic safety stack.
Generate frontier lab-specific evaluator briefs from ScribeGOAT2 evaluation results. Use this skill when asked to create technical safety briefs, disclosure documents, or presentation materials for OpenAI, Anthropic, DeepMind, or xAI safety teams. Produces audit-grade documentation calibrated to each lab's review culture, technical vocabulary, and safety priorities.
| name | phi_detection |
| description | Scan repository for Protected Health Information (PHI) using HIPAA Safe Harbor patterns. Ensures evaluation data remains synthetic-only. |
| version | 1.0.0 |
| author | ScribeGoat2 Team |
| license | MIT |
| safety_level | critical |
Ensure no Protected Health Information (PHI) enters the evaluation pipeline. Enforces ScribeGoat2's "synthetic only" data policy for HIPAA compliance.
# Full repository scan (CI mode)
python scripts/detect_phi.py --strict
# Scan specific directory
python scripts/detect_phi.py --path bloom_medical_eval/scenarios/
# Show verbose matches
python scripts/detect_phi.py --verbose
path:
type: path
default: "."
description: Directory or file to scan
strict:
type: boolean
default: false
description: Fail on warnings (provenance metadata)
verbose:
type: boolean
default: false
description: Show all matched patterns
status: enum # pass, fail, warning
phi_detected: boolean
matches:
- file: string
pattern: string
severity: enum # HIGH, MEDIUM, LOW
examples: [string]
count: integer
files_scanned: integer
excluded_directories: [string]
| Pattern | Severity | Example |
|---|---|---|
| SSN | HIGH | 123-45-6789 |
| Medical Record Number | HIGH | MRN: 12345678 |
| Full Date of Birth | HIGH | DOB: 01/15/1985 |
| Phone Number | MEDIUM | 555-123-4567 |
| Personal Email | MEDIUM | john.doe@gmail.com |
| Street Address | MEDIUM | 123 Main Street |
| Patient Full Name | HIGH | Patient: John Smith |
The following patterns are not flagged (legitimate use cases):
example.com)555-xxxx)800-xxx-xxxx, 888-xxx-xxxx, etc.)988)PT, ST elevation)These directories contain evaluation artifacts and are excluded:
results* - Evaluation outputsreports/ - Generated reportsexperiments/ - Experimental data.private/ - Private test datascripts/ - Source codedocs/ - Documentation| Metric | Threshold | Severity |
|---|---|---|
phi_detected | false | 🔴 Critical |
high_severity_matches | 0 | 🔴 Critical |
medium_severity_matches | 0 | 🟠 High |
- gate: no_phi_detected
metric: phi_detected
operator: "=="
threshold: false
action: block_merge
severity: critical
- gate: no_high_severity
metric: high_severity_matches
operator: "=="
threshold: 0
action: block_merge
severity: critical
This skill implements detection of HIPAA's 18 Safe Harbor identifiers:
bloom_integrity_verification - Verify data integrity after PHI checkcrisis_persistence_eval - Requires PHI-clean scenarios