neo4j-graphrag-skill
Pass
Audited by Gen Agent Trust Hub on May 1, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill describes pipelines that ingest external document data for knowledge graph construction and retrieval, which represents a standard indirect prompt injection surface. Ingestion points: External document text processed by SimpleKGPipeline and database chunks retrieved via HybridCypherRetriever. Boundary markers: None present in the provided snippets. Capability inventory: Bash and WebFetch tools allowed. Sanitization: No demonstrated sanitization or validation logic.
- [SAFE]: All referenced libraries, domains, and repositories are official Neo4j or trusted vendor resources. The skill follows best practices for secret management and provides standard educational content without malicious patterns.
Audit Metadata