testing-prompt-injection-in-rag-pipelines

Pass

Audited by Gen Agent Trust Hub on Jun 23, 2026

Risk Level: SAFEPROMPT_INJECTIONCOMMAND_EXECUTIONEXTERNAL_DOWNLOADSDATA_EXFILTRATION
Full Analysis
  • [PROMPT_INJECTION]: The SKILL.md and scripts/agent.py files contain prompt injection payloads such as 'ignore previous instructions' and 'output the system prompt'. These are explicitly provided as test cases for security researchers to evaluate the resilience of AI systems.
  • [COMMAND_EXECUTION]: The skill provides instructions for running security testing tools like NVIDIA garak, Microsoft PyRIT, and Promptfoo via the command line, as well as executing a custom Python testing agent (agent.py).
  • [EXTERNAL_DOWNLOADS]: The documentation guides the user to install several third-party security and machine learning packages from official registries (PyPI and NPM), including garak, pyrit, promptfoo, and sentence-transformers.
  • [DATA_EXFILTRATION]: The scripts/agent.py script includes functionality to send data (injection payloads) to a user-specified RAG endpoint via HTTP POST. This is a core feature for the tool's intended role in probing remote APIs for vulnerabilities.
Audit Metadata
Risk Level
SAFE
Analyzed
Jun 23, 2026, 01:35 AM
Security Audit — agent-trust-hub — testing-prompt-injection-in-rag-pipelines