rag-architect
Pass
Audited by Gen Agent Trust Hub on Apr 29, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [SAFE]: The skill serves as a technical resource for RAG implementation. It utilizes standard libraries and follows best practices for semantic search and retrieval workflows. No suspicious network activities or unauthorized data access patterns were found.
- [PROMPT_INJECTION]: The architecture describes the ingestion of external documents and user queries, which establishes a surface for indirect prompt injection.
- Ingestion points: External text data is processed for chunking and indexing in
SKILL.mdandreferences/chunking-strategies.md. - Boundary markers: Templates do not explicitly define delimiters or 'ignore' instructions for untrusted content.
- Capability inventory: The skill uses network-based LLM and embedding services and performs operations on vector databases.
- Sanitization: Sanitization of external content is not explicitly shown in the reference code; users should implement appropriate validation.
Audit Metadata