iterative-retrieval
Pass
Audited by Gen Agent Trust Hub on Mar 30, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [SAFE]: The skill serves as documentation for an architectural pattern. It outlines a logical workflow for agents to retrieve and evaluate codebase context without executing remote code, performing unauthorized network operations, or requesting excessive privileges.
- [PROMPT_INJECTION]: The pattern involves ingesting file content from a codebase to populate the agent's context, creating a surface for indirect prompt injection. This risk is inherent to retrieval-augmented generation (RAG) workflows. Ingestion points: File content retrieved via
retrieveFiles(SKILL.md). Boundary markers: Absent; the pattern does not specify delimiters for retrieved content. Capability inventory: The skill defines logic for retrieval and evaluation but does not include tools for code execution, file writing, or network operations in its examples. Sanitization: Absent; content is used for relevance scoring without explicit validation or filtering.
Audit Metadata