iblai-agent-datasets
Pass
Audited by Gen Agent Trust Hub on Jun 13, 2026
Risk Level: SAFEPROMPT_INJECTIONEXTERNAL_DOWNLOADS
Full Analysis
- [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection. It allows the agent to ingest content from external, untrusted sources—including URLs, YouTube videos, GitHub repositories, and web crawls—directly into its knowledge base. Ingestion points include the
POST /train/endpoint which accepts externalurlandfileinputs. There are no explicit delimiters or instructions provided to the agent to isolate or ignore potentially malicious instructions within the ingested data. The skill possesses the capability to modify the agent's retrieval-augmented generation (RAG) datasets, and it lacks mechanisms to sanitize or validate the content fetched from remote sources. - [EXTERNAL_DOWNLOADS]: Retrieves repository metadata from the official GitHub API to support the integration of GitHub resources. This is a well-known service and is documented neutrally as a safe operation for resource management.
Audit Metadata