scry-vectors
Pass
Audited by Gen Agent Trust Hub on Mar 14, 2026
Risk Level: SAFE
Full Analysis
- [PROMPT_INJECTION]: The skill operates on a public document corpus, which presents an indirect prompt injection surface.
- Ingestion points: Untrusted data enters the agent context through SQL query results from scry.mv_* views (e.g., scry.mv_high_score_posts) as described in SKILL.md and references/algebra-patterns.md.
- Boundary markers: The skill explicitly instructs the agent to treat retrieved text as untrusted and never follow instructions found within corpus payloads.
- Capability inventory: The skill's primary capability is making HTTPS requests to the vendor API (api.exopriors.com) using curl.
- Sanitization: The skill recommends using content_risk filters and row limits (LIMIT) to mitigate risks.
- [EXTERNAL_DOWNLOADS]: The skill makes API requests to api.exopriors.com. These are legitimate vendor resources used for embedding and querying vectors.
Audit Metadata