sap-cloud-sdk-ai-python

Pass

Audited by Gen Agent Trust Hub on Jun 14, 2026

Risk Level: SAFE
EXTERNAL_DOWNLOADS, CREDENTIALS_UNSAFE, PROMPT_INJECTION
Full Analysis
  • [EXTERNAL_DOWNLOADS]: The skill documents the installation of the sap-ai-sdk-gen package and its variants from PyPI. It also suggests an optional plugin from Databricks' official GitHub repository for users working in that environment.
  • [CREDENTIALS_UNSAFE]: The skill provides instructions on configuring SAP AI Core credentials using environment variables or a local configuration file at ~/.aicore/config.json. These instructions use placeholder values and are standard for the SDK's primary purpose of authenticating with SAP BTP services.
  • [PROMPT_INJECTION]: The skill utilizes templates with placeholders (e.g., {{?question}}) to process user input, which presents a surface for indirect prompt injection. However, the documentation extensively covers the use of built-in security modules for content filtering and data masking to mitigate these risks.
Audit Metadata
Risk Level: SAFE
Analyzed: Jun 14, 2026, 09:31 AM
Security Audit — agent-trust-hub — sap-cloud-sdk-ai-python