AgentDB Vector Search
Warn
Audited by Gen Agent Trust Hub on Feb 28, 2026
Risk Level: MEDIUM
Flags: EXTERNAL_DOWNLOADS, REMOTE_CODE_EXECUTION, COMMAND_EXECUTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill instructs the agent to download the 'agentdb' package from the npm registry using 'npx'.
- [REMOTE_CODE_EXECUTION]: Executing code via 'npx' at runtime constitutes a remote code execution vector, since it pulls and runs code fetched directly from a package registry.
- [COMMAND_EXECUTION]: Provides numerous CLI-based tools for database initialization, data export/import, and performance benchmarking.
- [PROMPT_INJECTION]: The skill presents a surface for indirect prompt injection through its document retrieval and context-aware querying features.
- Ingestion points: Data is ingested from local database files ('vectors.db') and JSON backup files ('backup.json').
- Boundary markers: The implementation lacks explicit delimiters to distinguish retrieved context from user or system instructions in its RAG examples.
- Capability inventory: The skill has the ability to read and write to the file system and execute shell commands via 'npx'.
- Sanitization: No sanitization or validation of the content retrieved from the database is demonstrated before it is used in LLM prompts.
Audit Metadata