vector-db

Pass

Audited by Gen Agent Trust Hub on Jun 17, 2026

Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
  • [EXTERNAL_DOWNLOADS]: Fetches the chromadb and requests Python packages from the standard public registry.
  • [EXTERNAL_DOWNLOADS]: References the official Qdrant Go client library from its GitHub repository for database interactions.
  • [COMMAND_EXECUTION]: Provides instructions to run database services using Docker and local CLI tools to set up the development environment.
  • [PROMPT_INJECTION]: The skill contains a Retrieval-Augmented Generation (RAG) implementation pattern in SKILL.md that interpolates external data into model prompts, representing an indirect injection surface.
  • Ingestion points: Document content retrieved from the vector database via collection.query is used as context.
  • Boundary markers: Employs standard text labels ("Context:", "Question:") to separate retrieved data from instructions.
  • Capability inventory: The skill uses bash, read, and write tools, which are common for data management tasks.
  • Sanitization: The example code does not include explicit sanitization of the retrieved document content before it is processed by the model.
Audit Metadata
Risk Level
SAFE
Analyzed
Jun 17, 2026, 11:38 AM
Security Audit — agent-trust-hub — vector-db