Skills
skills/ajrlewis/ai-skills/addon-langgraph-agent/Gen Agent Trust Hub

addon-langgraph-agent

Pass

Audited by Gen Agent Trust Hub on Mar 11, 2026

Risk Level: SAFEPROMPT_INJECTIONEXTERNAL_DOWNLOADS
Full Analysis
  • [PROMPT_INJECTION]: The skill establishes an architecture for stateful agents that ingest untrusted data, creating a surface for indirect prompt injection.
  • Ingestion points: Untrusted data enters the agent context through the graph state and tool inputs defined in src/{{MODULE_NAME}}/agent/graph.py and src/lib/agent/graph.ts.
  • Boundary markers: Absent. The skill does not provide instructions or templates for using delimiters (e.g., XML tags, triple quotes) to isolate user-provided data from system instructions in the generated prompts.
  • Capability inventory: The agent is granted multi-step execution capabilities and tool-use permissions, which can be exploited if an injection occurs.
  • Sanitization: Absent. There is no requirement or guidance for the generated code to sanitize or validate external content before processing.
  • [EXTERNAL_DOWNLOADS]: The skill manages dependencies from well-known and trusted official registries.
  • Fetches standard LangChain libraries (langgraph, langchain-core) and configuration utilities (pydantic-settings) for Python.
  • Fetches @langchain/langgraph and zod for TypeScript/Next.js environments.
Audit Metadata
Risk Level
SAFE
Analyzed
Mar 11, 2026, 09:50 AM