openai-agents-sdk
Pass
Audited by Gen Agent Trust Hub on May 14, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill serves as a technical guide for the OpenAI Agents SDK, focusing on architectural patterns and implementation details. It explicitly demonstrates security best practices such as the use of guardrails for input/output validation and parameterized queries for database interactions.\n- [EXTERNAL_DOWNLOADS]: The documentation references the installation of the 'openai-agents' Python package using standard package managers, which is a routine step for library integration.\n- [COMMAND_EXECUTION]: Includes documentation for tools such as 'CodeInterpreterTool' and shell commands for environment setup, which are standard components of the described agent framework.\n- [CREDENTIALS_UNSAFE]: Correctly demonstrates the use of environment variables and placeholders for API keys, avoiding the risk of hardcoded secrets.\n- [SAFE]: The skill addresses potential indirect prompt injection surfaces by providing clear examples of how to implement boundary markers and sanitization via its Guardrails primitive.\n
- Ingestion points: User input is processed via 'Runner.run_sync' (SKILL.md).\n
- Boundary markers: Explicitly documented in the 'Guardrails' section using 'input_guardrails' and 'output_guardrails'.\n
- Capability inventory: Includes 'CodeInterpreterTool' (execution), 'WebSearchTool' (network), and 'db.query' (database access).\n
- Sanitization: Demonstrates parameterized SQL queries and custom keyword-based validation functions.
Audit Metadata