Skills
skills/1837620622/super-agent-skills/langchain/Gen Agent Trust Hub

langchain

Warn

Audited by Gen Agent Trust Hub on Mar 12, 2026

Risk Level: MEDIUMCOMMAND_EXECUTIONEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The calculator tool in SKILL.md uses the Python eval() function to execute strings. If the LLM is influenced by malicious input, this results in arbitrary code execution.
  • [EXTERNAL_DOWNLOADS]: The WebBaseLoader in SKILL.md is used to fetch content from external URLs, providing a vector for untrusted data.
  • [PROMPT_INJECTION]: The skill has an indirect prompt injection surface. * Ingestion points: External content is loaded via WebBaseLoader and similarity searches in SKILL.md. * Boundary markers: Prompt templates lack delimiters to separate untrusted context from instructions. * Capability inventory: The agent can execute code via eval() and perform searches. * Sanitization: No sanitization is performed on ingested data before it is sent to the LLM.
Audit Metadata
Risk Level
MEDIUM
Analyzed
Mar 12, 2026, 06:05 AM