constructive-ai
Pass
Audited by Gen Agent Trust Hub on Apr 3, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The documentation for setting up CI/CD workflows includes an automated installation step that fetches and executes an installation script from Ollama's official domain (
ollama.com). This is a standard and expected method for environment configuration within automated testing pipelines. - [COMMAND_EXECUTION]: The skill provides several operational shell scripts (
setup-rag-database.sh,seed-documents.sh,check-rag-status.sh) used for infrastructure management. These scripts execute standard commands for database setup, document processing, and health monitoring of local services. - [PROMPT_INJECTION]: The skill implements Retrieval-Augmented Generation patterns which represent an indirect prompt injection surface. This occurs when external data is retrieved and interpolated into language model prompts.
- Ingestion points: External data enters the agent context through ORM retrieval in
references/rag-pipeline.mdand file-based seeding inscripts/seed-documents.sh. - Boundary markers: While prompt templates in
references/agentic-kit.mduse structural labels (e.g., "Context:"), they do not include explicit instructions for the model to disregard potentially adversarial content within the ingested data. - Capability inventory: The skill possesses the capability to execute shell commands (
psql,docker,curl) and perform network requests to LLM providers and local APIs. - Sanitization: The
routeQueryexample inreferences/agentic-kit.mdimplements basic regex validation on model output. However, document content is generally concatenated into generation prompts without extensive sanitization or escaping.
Audit Metadata