ai-agent-builder
Pass
Audited by Gen Agent Trust Hub on Mar 5, 2026
Risk Level: SAFE
PROMPT_INJECTION, EXTERNAL_DOWNLOADS
Full Analysis
- [PROMPT_INJECTION]: The skill defines agent templates (Slack Bot, Telegram Bot, and Web Chat) that ingest untrusted external data, creating a surface for indirect prompt injection.
  - Ingestion points: External messages from Slack, Telegram, and Web hooks (defined in `SKILL.md`).
  - Boundary markers: None explicitly mentioned in the YAML configuration snippets to delimit user-provided content from system instructions.
  - Capability inventory: The documented agents are configured with powerful tools including `database_query`, `send_email`, `jira_lookup`, and `create_ticket` (defined in `SKILL.md`).
  - Sanitization: The templates do not demonstrate input validation or sanitization patterns before passing external content to the LLM.
- [EXTERNAL_DOWNLOADS]: The skill references integrations with well-known services and platforms for operational functionality.
  - Evidence: Refers to `api.weather.com` for retrieving live weather data within tool definitions.
  - Evidence: References `@n8n/n8n-nodes-langchain.agent` for workflow execution within the n8n ecosystem.
Audit Metadata