eino-adk

Pass

Audited by Gen Agent Trust Hub on Mar 9, 2026

Risk Level: SAFE
PROMPT_INJECTION
Full Analysis
  • [PROMPT_INJECTION]: The architecture for building AI agents described in the skill creates a surface for indirect prompt injection.
      • Ingestion points: Untrusted data enters the agent context through the Runner.Run and Runner.Query methods documented in SKILL.md and references/api-reference.md.
      • Boundary markers: The examples and documentation do not provide or suggest the use of delimiters or explicit 'ignore' instructions to isolate untrusted input from the system prompt.
      • Capability inventory: The framework permits agents to execute arbitrary logic via tools defined with tool.BaseTool or utils.InferTool (as seen in references/examples.md), which may perform file or network operations.
      • Sanitization: No explicit sanitization or validation of external input is demonstrated before the content is passed to the LLM or tool implementations.
Audit Metadata
Risk Level: SAFE
Analyzed: Mar 9, 2026, 05:43 AM