senior-ml-engineer
Pass
Audited by Gen Agent Trust Hub on Apr 1, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill implements retrieval-augmented generation (RAG) and chat patterns that interpolate external data directly into LLM prompts, creating an indirect prompt injection surface.
- Ingestion points: Document corpus ingestion in
scripts/rag_system_builder.pyand template placeholders like{user_input}and{product_context}inreferences/llm_integration_guide.md. - Boundary markers: Prompt templates use basic structural headers but do not employ robust delimiters (e.g., XML tags or specific delimiters) or system instructions to ignore embedded commands within the processed data.
- Capability inventory: The skill possesses capabilities for file system operations via
scripts/model_deployment_pipeline.pyand external network communication through LLM provider integrations. - Sanitization: The provided code examples and templates do not demonstrate explicit validation or sanitization of input data before interpolation into the prompt context.
Audit Metadata