rag-systems

Warn

Audited by Gen Agent Trust Hub on Feb 17, 2026

Risk Level: MEDIUM
Tags: PROMPT_INJECTION, EXTERNAL_DOWNLOADS
Full Analysis
  • [Indirect Prompt Injection] (MEDIUM): The skill documents code patterns for Query Expansion and HyDE (Hypothetical Document Embeddings) whose prompt construction is vulnerable to prompt injection.
  • Ingestion points: The query parameter of the expand_query and hyde functions in SKILL.md is taken directly from untrusted user input.
  • Boundary markers: None. The snippets build the prompt with a raw f-string (f"...\n{query}"), so nothing separates the instruction text from the untrusted data; a query that is itself written as an instruction is indistinguishable from the template.
  • Capability inventory: The snippets pass the assembled prompt to model.generate(prompt), so injected text can steer the LLM's output and, through it, the retrieval steps that consume that output.
  • Sanitization: None. The query input is used without any sanitization, escaping, or validation.
  • [EXTERNAL_DOWNLOADS] (LOW): The code snippets depend on external Python libraries (rank_bm25, sentence_transformers, faiss). These are standard in the field, but they are listed without version constraints or integrity checks (no pinned versions, no hashes), so an install resolves to whatever the package index serves at the time.
Audit Metadata
Risk Level: MEDIUM
Analyzed: Feb 17, 2026, 12:33 AM