ag2-middleware

Pass

Audited by Gen Agent Trust Hub on Jun 15, 2026

Risk Level: SAFE, PROMPT_INJECTION
Full Analysis
  • [SAFE]: The skill documents legitimate framework capabilities for the AG2 library, focusing on cross-cutting concerns like logging, retries, and history management.
  • [PROMPT_INJECTION]: The middleware hooks provide an interface for processing data from external sources, which is a standard surface for indirect prompt injection.
  • Ingestion points: Data enters the agent loop via the on_turn, on_llm_call, on_tool_execution, and on_human_input hooks.
  • Boundary markers: No specific delimiters or boundary markers are defined in the provided BaseMiddleware interface; security depends on custom implementation logic.
  • Capability inventory: Middleware hooks can perform prompt mutation, history truncation, tool result modification, and observability tasks through standard Python code.
  • Sanitization: The documentation suggests using the on_tool_execution hook for redacting tool results, providing a pattern for sanitizing potentially sensitive data.
Audit Metadata
Risk Level: SAFE
Analyzed: Jun 15, 2026, 09:47 PM
Security Audit — agent-trust-hub — ag2-middleware