skills/datadrivenconstruction/ddc_skills_for_ai_agents_in_construction/vector-search/Gen Agent Trust Hub
vector-search
Pass
Audited by Gen Agent Trust Hub on Mar 5, 2026
Risk Level: SAFE
PROMPT_INJECTION, DATA_EXFILTRATION, EXTERNAL_DOWNLOADS
Full Analysis
- [PROMPT_INJECTION]: The skill contains an indirect prompt injection attack surface within its RAG (Retrieval-Augmented Generation) logic.
  1. Ingestion points: DocumentIndexingPipeline in SKILL.md reads local PDF, TXT, and MD files, while ConstructionRAG retrieves this content for querying.
  2. Boundary markers: The prompt template in ConstructionRAG.answer_query uses 'Context:' and 'Query:' delimiters and includes instructions to the LLM to only use the provided context, which provides limited protection against adversarial content.
  3. Capability inventory: The skill has permissions to read local files and communicate with external vector database and LLM APIs.
  4. Sanitization: There is no evidence of content sanitization or filtering of document text before it is interpolated into the system prompt.
- [DATA_EXFILTRATION]: The skill performs expected filesystem and network operations. It reads construction documents and metadata for indexing and communicates with OpenAI and Qdrant/ChromaDB services. These operations are consistent with the skill's documented purpose and target well-known or vendor-owned infrastructure (datadrivenconstruction.io).
- [EXTERNAL_DOWNLOADS]: The skill utilizes the sentence-transformers library to download pre-trained embedding models from well-known repositories such as Hugging Face and Allen Institute for AI.