rag-blueprint
Pass
Audited by Gen Agent Trust Hub on Jun 14, 2026
Risk Level: SAFE
Findings: EXTERNAL_DOWNLOADS, COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: Downloads NIM containers, model weights, and software dependencies from trusted sources including the NVIDIA Container Registry (nvcr.io), GitHub repositories under the NVIDIA organization, and official package registries like PyPI.
- [COMMAND_EXECUTION]: Employs shell commands to perform deep environment inspection (GPU/VRAM detection, driver checks, disk space monitoring) and manages deployment states using docker compose, kubectl, and helm. It also includes routines for process management via pkill during service shutdown.
- [PROMPT_INJECTION]: As the skill manages a Retrieval-Augmented Generation pipeline, it facilitates the ingestion of untrusted external content (PDFs, images, and audio) into the agent context, creating a surface for indirect prompt injection.
- Ingestion points: Document ingestion via the Ingestor Server API (POST /v1/documents) and data catalog management.
- Boundary markers: Not specified in the deployment guidance; the skill relies on the underlying NVIDIA RAG stack for content handling.
- Capability inventory: The skill has extensive capabilities including local file system access, network communication for inference, and the ability to execute infrastructure-level shell commands.
- Sanitization: Document processing is delegated to NVIDIA NIMs (NV-Ingest, Nemotron-OCR), which provide the primary extraction and sanitization layer for external data.
Audit Metadata