Skills
skills/google/skills/agent-platform-rag-engine-management/Snyk

agent-platform-rag-engine-management

Warn

Audited by Snyk on May 28, 2026

Risk Level: MEDIUM
Full Analysis

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

  • Third-party content exposure detected (high risk: 0.70). The required runtime workflow uses Vertex AI RAG Engine retrieval (rag.retrieval_query(...) and/or the RAG tool in generate_content), which ingests the corpus’s stored document text (e.g., file contents from the specified ragCorpora/{corpus_id}) into the LLM context; if that corpus contains outsider-authored documents, their free text can be fed to the model via context.text / tool grounding.

Issues (1)

W011
MEDIUM

Third-party content exposure detected (indirect prompt injection risk).

Audit Metadata
Risk Level
MEDIUM
Analyzed
May 28, 2026, 06:21 PM
Issues
1
Security Audit — snyk — agent-platform-rag-engine-management