Skills
skills/skillssh/skills/ai-rag-pipeline/Gen Agent Trust Hub

ai-rag-pipeline

Pass

Audited by Gen Agent Trust Hub on May 14, 2026

Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
  • [EXTERNAL_DOWNLOADS]: Fetches installation instructions from the inference-sh GitHub repository, which is the official documentation source for the toolset described.
  • [COMMAND_EXECUTION]: Provides instructions to install the platform's CLI tool using npx skills add belt-sh/cli, which is a standard procedure for using this skill's ecosystem.
  • [PROMPT_INJECTION]: Describes a Retrieval Augmented Generation (RAG) workflow that ingests external data into LLM prompts. This architecture creates an indirect prompt injection surface common to research-oriented AI agents.
  • Ingestion points: Search results and extracted web content are stored in shell variables (e.g., $SEARCH, $CONTENT) and interpolated into LLM prompts in the provided examples.
  • Boundary markers: The examples employ basic labels like 'Source 1' but do not include explicit delimiters or instructions to ignore embedded commands within the retrieved text.
  • Capability inventory: The skill uses the belt CLI to perform web searches and execute inferences on various LLM models.
  • Sanitization: The provided pipeline examples do not demonstrate filtering or sanitization of search results before they are processed by the LLM.
Audit Metadata
Risk Level
SAFE
Analyzed
May 14, 2026, 09:23 AM
Security Audit — agent-trust-hub — ai-rag-pipeline