hebrew-llm-eval-suite

Pass

Audited by Gen Agent Trust Hub on May 15, 2026

Risk Level: SAFE
Findings: EXTERNAL_DOWNLOADS, PROMPT_INJECTION
Full Analysis
  • [PROMPT_INJECTION]: The skill exhibits a surface for indirect prompt injection (Category 8) by processing external data from benchmark datasets.
      • Ingestion points: scripts/run_eval.py loads data from various HuggingFace datasets (e.g., pig4431/HeQ_v1, HebArabNlpProject/HebrewSentiment).
      • Boundary markers: Absent. Prompt templates in scripts/run_eval.py and references/prompt-templates.md use simple labels like Passage: and Text:, but lack explicit instructions to the target model to ignore any embedded commands or instruction-overrides within the data.
      • Capability inventory: scripts/run_eval.py contains network operation capabilities, sending the assembled prompts (containing the untrusted data) to several LLM providers (Anthropic, OpenAI, Google, and AI21).
      • Sanitization: Absent. The data from the external datasets is interpolated directly into prompt strings without validation or escaping.
  • [EXTERNAL_DOWNLOADS]: The skill facilitates the download of external components and data.
      • Package Installation: Instructions in SKILL.md require installing datasets, transformers, anthropic, openai, google-genai, and ai21. These are well-known, legitimate libraries from standard registries.
      • Data Downloads: scripts/run_eval.py uses the datasets library to fetch content from HuggingFace. The sources (pig4431, HebArabNlpProject) are associated with the benchmark datasets cited in the documentation.
Audit Metadata
Risk Level: SAFE
Analyzed: May 15, 2026, 09:15 PM
Security Audit — agent-trust-hub — hebrew-llm-eval-suite