Skills
skills/genkit-ai/skills/developing-genkit-go/Gen Agent Trust Hub

developing-genkit-go

Pass

Audited by Gen Agent Trust Hub on Apr 30, 2026

Risk Level: SAFEEXTERNAL_DOWNLOADSREMOTE_CODE_EXECUTIONCOMMAND_EXECUTION
Full Analysis
  • [EXTERNAL_DOWNLOADS]: The skill provides instructions for installing the Genkit CLI using curl -sL cli.genkit.dev | bash. This is the official installation path provided by the Genkit development team for its command-line utility.
  • [REMOTE_CODE_EXECUTION]: The CLI installation method involves piping a remote script directly into a shell. While this is a common pattern for developer tools, it facilitates the execution of remote code. In this context, the source is the official domain for the Genkit framework.
  • [COMMAND_EXECUTION]: Documentation includes various Genkit CLI commands such as genkit start, genkit flow:run, and genkit docs:search, which are used for local development, testing, and documentation lookups.
  • [PROMPT_INJECTION]: The skill documents methods for creating prompt templates using Handlebars syntax (e.g., {{topic}}) and Go string formatting. These represent potential surfaces for indirect prompt injection if application developers interpolate unsanitized user input into these templates.
  • Ingestion points: Prompt templates defined in .prompt files and code-based definitions (e.g., DefinePrompt).
  • Boundary markers: The documentation shows standard template interpolation without explicit boundary markers for user data.
  • Capability inventory: The demonstrated flows include text generation and tool calling (e.g., weather lookup, money transfers).
  • Sanitization: Examples focus on functionality and do not explicitly demonstrate input sanitization or validation techniques.
Audit Metadata
Risk Level
SAFE
Analyzed
Apr 30, 2026, 01:05 AM