Skills
skills/etalab-ia/skills/rag-index/Gen Agent Trust Hub

rag-index

Pass

Audited by Gen Agent Trust Hub on Apr 10, 2026

Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
  • [EXTERNAL_DOWNLOADS]: The skill instructs the agent to install the @tobilu/qmd tool globally from the NPM registry via Bun. This tool is the primary component used for document indexing.\n- [COMMAND_EXECUTION]: The skill uses the qmd CLI to perform document indexing and embedding generation. Shell commands executed include qmd collection add, qmd context add, qmd embed, and qmd status.\n- [PROMPT_INJECTION]: The skill's ingestion of local markdown files for search indexing creates a surface for indirect prompt injection if the files contain malicious instructions.\n
  • Ingestion points: Data enters the context via the qmd collection add <path> command, which reads documents from user-specified local paths (SKILL.md).\n
  • Boundary markers: The skill does not provide delimiters or instructions to ignore potential commands embedded in the indexed text.\n
  • Capability inventory: The skill enables shell command execution (qmd) and global package installation (bun) (SKILL.md).\n
  • Sanitization: No sanitization or content validation is performed on the files prior to indexing or embedding.
Audit Metadata
Risk Level
SAFE
Analyzed
Apr 10, 2026, 12:22 PM