Skills
skills/neo4j-contrib/neo4j-skills/neo4j-document-import-skill/Gen Agent Trust Hub

neo4j-document-import-skill

Pass

Audited by Gen Agent Trust Hub on May 1, 2026

Risk Level: SAFEPROMPT_INJECTIONEXTERNAL_DOWNLOADS
Full Analysis
  • [PROMPT_INJECTION]: The skill exhibits an indirect prompt injection surface (Category 8) by design. It provides templates for ingesting untrusted document content into an LLM-driven pipeline.
  • Ingestion points: The document_text variable in Python snippets (SKILL.md) and remote data fetched via apoc.load.json act as entry points for external data.
  • Boundary markers: The provided code snippets lack delimiters or instructions to ignore embedded commands within the document_text.
  • Capability inventory: The skill utilizes SimpleKGPipeline for LLM processing and driver.execute_query for database writes (SKILL.md), allowing processed data to influence the graph structure.
  • Sanitization: No sanitization or validation logic is included in the extraction templates to mitigate instructions hidden in documents.
  • [EXTERNAL_DOWNLOADS]: The skill includes a Cypher example using apoc.load.json to fetch data from a remote URL (https://example.com/data.json). While the URL is a placeholder, this pattern involves external data retrieval that should be restricted to trusted sources.
Audit Metadata
Risk Level
SAFE
Analyzed
May 1, 2026, 04:03 AM