Skills
skills/lauraflorentin/skills-marketplace/rag/Gen Agent Trust Hub

rag

Pass

Audited by Gen Agent Trust Hub on May 1, 2026

Risk Level: SAFEPROMPT_INJECTION
Full Analysis
  • [PROMPT_INJECTION]: The skill documents an implementation pattern vulnerable to indirect prompt injection.
  • Ingestion points: Untrusted data is retrieved from an external database using vector_db.similarity_search and combined with the user_query in SKILL.md.
  • Boundary markers: The pattern uses simple headers ("Context:", "Question:") but lacks strong delimiters or explicit instructions to the model to ignore any instructions embedded within the retrieved data.
  • Capability inventory: The combined prompt is processed by llm.generate in SKILL.md, which allows retrieved data to influence the generated output and subsequent agent behavior.
  • Sanitization: No sanitization, escaping, or validation of the retrieved document content is performed before it is interpolated into the prompt template.
Audit Metadata
Risk Level
SAFE
Analyzed
May 1, 2026, 10:50 PM