openai-agents-sdk

Pass

Audited by Gen Agent Trust Hub on May 14, 2026

Risk Level: SAFE
Full Analysis
  • [SAFE]: The skill serves as a technical guide for the OpenAI Agents SDK, focusing on architectural patterns and implementation details. It explicitly demonstrates security best practices such as the use of guardrails for input/output validation and parameterized queries for database interactions.\n- [EXTERNAL_DOWNLOADS]: The documentation references the installation of the 'openai-agents' Python package using standard package managers, which is a routine step for library integration.\n- [COMMAND_EXECUTION]: Includes documentation for tools such as 'CodeInterpreterTool' and shell commands for environment setup, which are standard components of the described agent framework.\n- [CREDENTIALS_UNSAFE]: Correctly demonstrates the use of environment variables and placeholders for API keys, avoiding the risk of hardcoded secrets.\n- [SAFE]: The skill addresses potential indirect prompt injection surfaces by providing clear examples of how to implement boundary markers and sanitization via its Guardrails primitive.\n
  • Ingestion points: User input is processed via 'Runner.run_sync' (SKILL.md).\n
  • Boundary markers: Explicitly documented in the 'Guardrails' section using 'input_guardrails' and 'output_guardrails'.\n
  • Capability inventory: Includes 'CodeInterpreterTool' (execution), 'WebSearchTool' (network), and 'db.query' (database access).\n
  • Sanitization: Demonstrates parameterized SQL queries and custom keyword-based validation functions.
Audit Metadata
Risk Level
SAFE
Analyzed
May 14, 2026, 11:14 AM
Security Audit — agent-trust-hub — openai-agents-sdk