building-multi-connector-agent
Pass
Audited by Gen Agent Trust Hub on Apr 21, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill is a development guide that provides boilerplate code for integrating Airbyte connectors into an AI agent. It contains no malicious logic, obfuscation, or unauthorized access attempts.- [CREDENTIALS_SAFE]: The skill correctly demonstrates using environment variables (
os.getenv) and.envfiles for managing sensitive credentials likeAIRBYTE_CLIENT_SECRET, which is a standard security best practice.- [EXTERNAL_DOWNLOADS]: The skill installs the officialairbyte-agent-sdkviauv pip, which is expected and originates from the skill's author (airbytehq).- [PROMPT_INJECTION]: The skill describes an architecture for an agent that processes untrusted user input and interacts with external tools (Jira, Slack), which is an indirect prompt injection surface. - Ingestion points: User input is passed to
agent.run()in the run loop. - Boundary markers: None are defined in the example system prompt.
- Capability inventory: The agent has tools to execute actions on Jira and Slack via the Airbyte SDK.
- Sanitization: None is performed in the provided template code.
Audit Metadata