senior-ml-engineer
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFE
Full Analysis
- [Indirect Prompt Injection] (LOW): The skill demonstrates patterns for interpolating external data into LLM prompts without explicit boundary markers or sanitization.
- Ingestion points: File references/llm_integration_guide.md defines templates using {user_input} and {product_context} variables.
- Boundary markers: Absent; the code snippets use direct string formatting for prompt construction.
- Capability inventory: The skill provides templates for API calls to OpenAI and Anthropic, and placeholders for model deployment and monitoring.
- Sanitization: Absent; no escaping or validation logic is shown for input variables before they are injected into prompts.
- [Unverifiable Dependencies] (SAFE): The skill references standard, industry-recognized libraries (e.g., mlflow, feast, openai, anthropic, tenacity). No suspicious or unknown packages are requested.
- [Data Exposure] (SAFE): The code provides a framework for handling API keys via constructor arguments but does not include any hardcoded credentials or access to sensitive local files.
Audit Metadata