rag
Pass
Audited by Gen Agent Trust Hub on Jun 19, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill acts as documentation for a RAG toolkit. It uses standard Rust patterns for trait definitions and provides safe code examples with placeholders for sensitive configuration like database connection strings.
- [PROMPT_INJECTION]: The skill provides document loaders designed to ingest external data into an agent's context, creating a surface for indirect prompt injection.
- Ingestion points:
TextLoader,CsvLoader,HtmlLoader,PdfLoader,GitCommitLoader,HtmlToMarkdownLoader, andSourceCodeLoader(referenced inSKILL.md). - Boundary markers: The provided code snippets do not include explicit delimiter logic or instructions to ignore embedded commands.
- Capability inventory: The skill uses
ConversationalRetrieverChainBuilderand LLM invocations (e.g.,OpenAI::default()) to process retrieved data (referenced inSKILL.md). - Sanitization: No explicit sanitization or escaping of external content is demonstrated in the examples.
- Note: This represents the intended design of a RAG system and does not indicate malicious intent.
Audit Metadata