rag-pipeline

Pass

Audited by Gen Agent Trust Hub on Feb 27, 2026

Risk Level: SAFE
Finding: PROMPT_INJECTION
Full Analysis
  • [PROMPT_INJECTION]: The skill provides an implementation that is vulnerable to Indirect Prompt Injection (Category 8).
  • Ingestion points: Untrusted data is ingested into the system via the addDocument method (which stores document content) and the query method (which accepts user questions) in src/services/rag.service.ts.
  • Boundary markers: The implementation in src/utils/ollama.ts lacks sufficient boundary markers or 'ignore' instructions; it uses simple string templates like Context: ${context}\n\nQuestion: ${prompt} to combine retrieved data with user queries.
  • Capability inventory: The code provides capabilities to read from and write to a PostgreSQL database and generate text via a connected Ollama LLM service.
  • Sanitization: There is no evidence of sanitization, escaping, or validation of the retrieved context strings before they are interpolated into the final prompt sent to the LLM.
Audit Metadata
Risk Level: SAFE
Analyzed: Feb 27, 2026, 05:33 AM