ag2-structured-output

Pass

Audited by Gen Agent Trust Hub on May 8, 2026

Risk Level: SAFE
Finding category: PROMPT_INJECTION
Full Analysis
  • [PROMPT_INJECTION]: Indirect Prompt Injection Surface
  • Ingestion points: The Agent.ask() call in assets/recipe_builder.py ingests arbitrary user-provided strings for processing.
  • Boundary markers: The system instructions in assets/recipe_builder.py do not implement explicit delimiters or "ignore embedded instructions" warnings for the user-supplied content.
  • Capability inventory: The agent in assets/recipe_builder.py has the capability to execute the scale_ingredient tool and performs automatic retries on validation failure.
  • Sanitization: There is no evidence that the user-provided input is sanitized or escaped before it is interpolated into the agent's context.
Audit Metadata
Risk Level
SAFE
Analyzed
May 8, 2026, 08:42 PM
Security Audit — agent-trust-hub — ag2-structured-output