chunking-strategy

Warn

Audited by Gen Agent Trust Hub on Feb 23, 2026

Risk Level: MEDIUM
Findings: REMOTE_CODE_EXECUTION, PROMPT_INJECTION
Full Analysis
  • [REMOTE_CODE_EXECUTION]: The ChunkingCache implementation in references/implementation.md uses pickle.loads() to retrieve data from a Redis instance or local cache. pickle deserialization is inherently unsafe: an attacker who can modify the stored cache data can have pickle.loads() execute arbitrary code when the cache entry is read.
  • [PROMPT_INJECTION]: The skill is designed to process untrusted external documents for Retrieval-Augmented Generation (RAG). The pre-processing pipeline in references/implementation.md and the strategies in references/semantic-methods.md apply no explicit sanitization and no defensive boundary markers to these documents, so chunks later supplied to an LLM as context form an indirect prompt injection surface.
    Ingestion points: references/implementation.md (DocumentAnalyzer.analyze).
    Boundary markers: Not implemented in the provided logic.
    Capability inventory: The skill metadata requests Bash, Write, and Read permissions.
    Sanitization: Absent from processing logic.
Audit Metadata
  • Risk Level: MEDIUM
  • Analyzed: Feb 23, 2026, 11:25 PM