agentdb-semantic-vector-search
Warn
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: MEDIUM
EXTERNAL_DOWNLOADS, DATA_EXFILTRATION, REMOTE_CODE_EXECUTION, PROMPT_INJECTION
Full Analysis
- EXTERNAL_DOWNLOADS (MEDIUM): The skill mandates installation of 'agentdb-vector-search' and 'ts-node' from npm. These are external packages from sources not identified as a Trusted External Source.
- DATA_EXFILTRATION (MEDIUM): The 'LIBRARY-FIRST PROTOCOL' in SKILL.md instructs the agent to check 'D:\Projects*' and 'EXTRACT' content. This represents an over-broad access pattern that could lead to the unauthorized exposure of private source code or sensitive project data.
- REMOTE_CODE_EXECUTION (MEDIUM): The skill uses 'npx agentdb@latest' and 'npx ts-node', which download and execute code from the internet at runtime without fixed versioning or integrity checks.
- PROMPT_INJECTION (LOW): The skill is susceptible to indirect prompt injection as it processes untrusted document corpora and user queries.
  - Evidence Chain (Category 8):
    - Ingestion points: Document text processing loops in SKILL.md and PROCESS.md.
    - Boundary markers: None present to delimit untrusted content from system instructions.
    - Capability inventory: Includes 'Write', 'Edit', and subprocess execution via 'npx'.
    - Sanitization: No input validation or escaping logic is implemented for the processed documents.