embeddings
Pass
Audited by Gen Agent Trust Hub on Feb 20, 2026
Risk Level: SAFE
Full Analysis
- Prompt Injection (SAFE): No override or bypass instructions were found in the command documentation.
- Data Exposure & Exfiltration (SAFE): API keys are managed through environment variables (e.g., OPENAI_API_KEY) rather than hardcoded secrets. No sensitive system file access or exfiltration patterns were detected.
- Obfuscation (SAFE): No encoded content, zero-width characters, or other obfuscation techniques were found.
- Unverifiable Dependencies (SAFE): The documentation references external libraries such as 'clodds' and '@xenova/transformers' for illustrative purposes but does not include any commands for unauthorized package installation or remote code execution.
- Indirect Prompt Injection (LOW): The skill processes untrusted text strings for embedding and search functionality. Evidence: (1) Ingestion points: embed, search, and store methods in SKILL.md. (2) Boundary markers: Absent from documentation snippets. (3) Capability inventory: Network communication with external provider APIs. (4) Sanitization: Not specified. This represents a standard surface for indirect injection inherent to embedding tools.
Audit Metadata