ag2-quickstart

Pass

Audited by Gen Agent Trust Hub on May 11, 2026

Risk Level: SAFE
Full Analysis
  • [SAFE]: No malicious patterns or security vulnerabilities were detected in the instructions or example scripts.
  • [CREDENTIALS_UNSAFE]: The skill correctly demonstrates using python-dotenv to load secrets from environment variables, avoiding hardcoded credentials. Example scripts use placeholders like sk-... or NotRequired for demonstration only.
  • [EXTERNAL_DOWNLOADS]: The documentation references standard installation commands for official library extras (e.g., ag2[openai], ag2[gemini]) and well-known utilities like python-dotenv from official registries.
  • [INDIRECT_PROMPT_INJECTION]: The skill documents an attack surface where user input is passed to an LLM via agent.ask() or reply.ask().
      • Ingestion points: agent.ask() and reply.ask() in SKILL.md and assets/*.py files.
      • Boundary markers: Absent in basic examples.
      • Capability inventory: No dangerous tools (e.g., shell execution, file system modification) are defined in the provided code.
      • Sanitization: Absent. Given the lack of exploitable capabilities, this surface is considered safe.
Audit Metadata
Risk Level: SAFE
Analyzed: May 11, 2026, 05:23 PM