ai-rag-pipeline

Pass

Audited by Gen Agent Trust Hub on Jun 19, 2026

Risk Level: SAFE
Full Analysis
  • [EXTERNAL_DOWNLOADS]: References installation instructions from the official inference-sh GitHub repository.
  • [COMMAND_EXECUTION]: Demonstrates the use of the belt CLI tool for search, extraction, and model inference via the Bash tool.
  • [PROMPT_INJECTION]: The skill defines a RAG architecture that interpolates external search data into prompts. Users should apply sanitization and boundary markers to mitigate indirect prompt injection from untrusted web content.
      • Ingestion points: Interpolates results from Tavily and Exa searches into model prompts in SKILL.md.
      • Boundary markers: Absent; data is placed directly into the prompt text.
      • Capability inventory: Shell execution of the belt CLI for data retrieval and model calls.
      • Sanitization: None; the examples use raw string interpolation.
Audit Metadata
Risk Level: SAFE
Analyzed: Jun 19, 2026, 02:15 AM