ag2-multimodal-input

Pass

Audited by Gen Agent Trust Hub on May 8, 2026

Risk Level: SAFE
PROMPT_INJECTION, EXTERNAL_DOWNLOADS
Full Analysis
  • [PROMPT_INJECTION]: The skill introduces a surface for indirect prompt injection by demonstrating how to ingest and process untrusted external files such as images, PDFs, video, and audio.
      • Ingestion points: Snippets in SKILL.md use ImageInput, AudioInput, VideoInput, and DocumentInput factories to load data from external URLs and local file paths.
      • Boundary markers: The provided examples do not include explicit delimiters or instructions for the agent to ignore potentially malicious commands embedded within the media content.
      • Capability inventory: The skill allows the agent to send processed multimodal data to external LLM providers including OpenAI, Gemini, and Anthropic for analysis and summarization.
      • Sanitization: No sanitization or content validation of the ingested files is performed before transmission to the model providers.
  • [EXTERNAL_DOWNLOADS]: The skill documentation includes examples of fetching media from external domains like YouTube and generic placeholders like example.com. These are used for demonstration purposes to illustrate the multimodal capabilities of the library and are considered standard functionality.
Audit Metadata
Risk Level: SAFE
Analyzed: May 8, 2026, 08:42 PM
Security Audit — agent-trust-hub — ag2-multimodal-input