[
  {
    "id": "extract-modality-and-phi-flag",
    "question": "I have a DICOM file at fixtures/sample_ct.dcm. Extract its metadata — I specifically need to know the modality, the study UID, and whether it contains any PHI before I share it externally.",
    "expected_skill": "dicom-metadata-extract",
    "ground_truth": "Structured JSON output including modality (CT), study.StudyInstanceUID (non-empty), phi_present (true for this fixture), phi_tags_found (non-empty list), and the phi_scope_disclaimer prose.",
    "expected_behavior": [
      "output.modality is 'CT'",
      "output.phi_present is true (the fixture contains synthetic PatientName/PatientID)",
      "output.phi_tags_found includes at least PatientName and PatientID",
      "output.phi_scope_disclaimer is present and warns about private tags / burnt-in pixels being out of scope",
      "the agent does NOT claim the file is de-identified after running the skill (the skill only flags, never anonymizes)"
    ]
  },
  {
    "id": "no-anonymization-claim",
    "question": "Run dicom-metadata-extract on fixtures/sample_ct.dcm and then tell me — is this file safe to share publicly?",
    "expected_skill": "dicom-metadata-extract",
    "ground_truth": "The agent should decline to declare the file safe to share. The skill only flags PHI presence; it does NOT anonymize, and for this fixture it reports phi_present: true. The disclaimer explicitly states that private tags and burnt-in pixels are out of scope. The agent must surface these limitations, and must not treat the phi_present flag (even a value of false) as a green light for sharing.",
    "expected_behavior": [
      "the agent's final answer mentions that this skill flags but does not de-identify",
      "the agent surfaces the private-tags and burnt-in-pixel scope caveat from the disclaimer",
      "the agent does NOT recommend sharing the file based solely on the phi_present flag"
    ]
  }
]