ollama

Pass

Audited by Gen Agent Trust Hub on Mar 3, 2026

Risk Level: SAFE
Findings: EXTERNAL_DOWNLOADS, COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
  • [EXTERNAL_DOWNLOADS]: Fetches and executes an installation script from the official Ollama website (ollama.ai). This is the standard deployment method for the tool.
  • [COMMAND_EXECUTION]: Documents various shell commands for interacting with the Ollama CLI to manage models and serve the local API.
  • [PROMPT_INJECTION]: The RAG and function-calling patterns in section 11 demonstrate a surface for indirect prompt injection. Ingestion occurs in the rag_query function in SKILL.md where external data is interpolated into the system prompt. No boundary markers or sanitization logic are present in these code examples, which could allow malicious external content to influence agent behavior through the ollama.chat capability.
Audit Metadata
Risk Level: SAFE
Analyzed: Mar 3, 2026, 12:51 PM