rag-engineer
Pass
Audited by Gen Agent Trust Hub on Feb 24, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill architecture facilitates the ingestion of untrusted external content, which is a known vector for indirect prompt injection.
- Ingestion points: The skill instructs agents to parse external documents (PDFs, docs) into text using various parsing libraries.
- Boundary markers: Recommends using XML tags or clear delimiters in the prompt assembly stage to isolate context from instructions.
- Capability inventory: The skill enables agents to construct retrieval and generation pipelines that interact with external data.
- Sanitization: Suggests using strict grounding instructions ('Answer ONLY based on the context') and similarity thresholds to mitigate malicious inputs.
Audit Metadata