pydantic-ai
Pass
Audited by Gen Agent Trust Hub on Apr 17, 2026
Risk Level: SAFE
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill instructs the user to install the pydantic-ai library and its provider-specific extras (OpenAI, Anthropic, Gemini, etc.) from PyPI, which is a standard procedure for this framework.
- [COMMAND_EXECUTION]: Example Step 4 demonstrates using httpx to fetch JSON data from https://wttr.in, a well-known and harmless weather information service. This is used for educational purposes to demonstrate tool-calling capabilities.
- [DATA_EXFILTRATION]: While the skill demonstrates network operations (fetching weather data), it does not involve accessing sensitive local files or credentials. It explicitly advises against hardcoding API keys and recommends using environment variables.
- [PROMPT_INJECTION]: The skill identifies an attack surface for indirect prompt injection as it processes data from external APIs (like the weather API) and passes it back to the agent.
  - Ingestion points: Data enters the agent via agent.run() and the return values of registered tools like get_temperature (SKILL.md).
  - Boundary markers: The provided examples do not explicitly show boundary markers or specific instructions to the agent to ignore embedded instructions in tool outputs.
  - Capability inventory: The skill demonstrates capabilities for network access via httpx (SKILL.md).
  - Sanitization: The framework inherently uses Pydantic models (MovieReview, WeatherReport) to validate and structure the data returned by the LLM, providing a layer of protection against malformed or unexpected responses.
Audit Metadata