vector-search
Pass
Audited by Gen Agent Trust Hub on Feb 28, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill implements retrieval-augmented generation patterns that are susceptible to indirect prompt injection.
- Ingestion points: The skill ingests untrusted data from user-provided 'query_text' and retrieved 'document_chunks' content during search operations (file: SKILL.md).
- Boundary markers: No explicit delimiters, such as XML tags or unique markers, are specified to separate retrieved data from agent instructions.
- Capability inventory: The skill executes database RPC functions via the Supabase client and performs network requests to external embedding providers (OpenAI/Ollama).
- Sanitization: No input validation, escaping, or filtering of the processed text content is defined within the search or indexing patterns.
Audit Metadata