vector-search-patterns
Pass
Audited by Gen Agent Trust Hub on Apr 19, 2026
Risk Level: SAFE (PROMPT_INJECTION, DATA_EXFILTRATION)
Full Analysis
- [PROMPT_INJECTION]: The RAG pipeline implementation in SKILL.md presents a surface for indirect prompt injection. External data retrieved from a vector store is interpolated into the prompt without sanitization.
  - Ingestion points: Data from the vector database (search results) enters the prompt context.
  - Boundary markers: The template uses headers like 'Context:' but lacks specific warnings to the agent.
  - Capability inventory: The skill enables network access to external APIs and local database interaction.
  - Sanitization: No validation or cleaning of external data is performed before interpolation.
- [DATA_EXFILTRATION]: The skill performs network requests to OpenAI's official embeddings API, which is expected behavior for semantic search implementations.