deepera-deep-evidence-reranking
Pass
Audited by Gen Agent Trust Hub on Jun 20, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill implements a workflow for processing untrusted data from external retrieval systems. The provided Python implementation (Example 2) lacks adequate safeguards against malicious instructions embedded in the processed documents.
- Ingestion points: The
rerank_passagesfunction inSKILL.mdreceives candidate passages from external sources. - Boundary markers: The
RERANK_PROMPTstring uses simple labels (Passage: {passage}) without distinct delimiters or specific instructions to the model to ignore potential commands within the passage content. - Capability inventory: The logic utilizes an LLM to evaluate these passages, which could be influenced by injected instructions during the reasoning phase.
- Sanitization: The example code does not include logic to sanitize or validate the content of the retrieved passages before they are interpolated into the prompt.
Audit Metadata