addon-rag-pdf-pipeline
Pass
Audited by Gen Agent Trust Hub on Mar 2, 2026
Risk Level: SAFE
Findings: PROMPT_INJECTION, COMMAND_EXECUTION
Full Analysis
- [PROMPT_INJECTION]: The skill defines a RAG pipeline that processes external PDF documents, creating a potential surface for indirect prompt injection.
  - Ingestion points: Document source specified as DOC_SOURCE (files/folders) in SKILL.md.
  - Boundary markers: Lacks instructions for using delimiters or specific system prompts to isolate retrieved document content from user instructions.
  - Capability inventory: Includes file reading and network access via the generated Python modules.
  - Sanitization: Recommends unicode normalization but lacks active filtering for malicious instructions within document content.
- [COMMAND_EXECUTION]: The skill instructs the agent to execute shell commands for setup and execution using the uv package manager (uv add, uv run). These commands are standard for project environment management.
Audit Metadata