langchain-retrieval
Warn
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: MEDIUM (EXTERNAL_DOWNLOADS, REMOTE_CODE_EXECUTION)
Full Analysis
- EXTERNAL_DOWNLOADS (MEDIUM): The skill clones a template from 'https://github.com/Eng0AI/langchain-retrieval.git'. This organization is not recognized as a trusted source, posing a potential supply chain risk.
- REMOTE_CODE_EXECUTION (MEDIUM): Executing 'pnpm install' on the cloned repository can trigger arbitrary code execution through lifecycle scripts (preinstall/postinstall) defined in the external package.json.
- CREDENTIALS_UNSAFE (LOW): The setup instructions require the use of 'SUPABASE_PRIVATE_KEY' (service role key), which provides full administrative access to the database. These secrets could be exfiltrated if the downloaded template contains malicious code.
- PROMPT_INJECTION (LOW): The RAG (Retrieval-Augmented Generation) workflow is vulnerable to indirect prompt injection from untrusted data stored in the vector database.
  1. Ingestion points: Supabase documents table via langchain-retrieval.
  2. Boundary markers: Absent.
  3. Capability inventory: LLM-based generation and database access.
  4. Sanitization: Absent.
Audit Metadata