langchain4j-rag-implementation-patterns

Pass

Audited by Gen Agent Trust Hub on Feb 24, 2026

Risk Level: SAFE [PROMPT_INJECTION]
Full Analysis
  • [PROMPT_INJECTION]: The skill implements a RAG architecture that processes external data from sources such as the filesystem and web URLs, creating a surface for indirect prompt injection attacks. Malicious content within ingested documents could attempt to influence agent behavior.
  • Ingestion points: Detected in SKILL.md (FileSystemDocumentLoader) and references/references.md (UrlDocumentLoader).
  • Boundary markers: The provided system message templates in SKILL.md (e.g., KnowledgeAssistant) lack explicit delimiters or instructions to treat retrieved context as untrusted data.
  • Capability inventory: The skill is configured with Bash, Read, and Write tool access, which increases the potential impact if a prompt injection is successful.
  • Sanitization: No evidence of input sanitization or verification of document content before prompt interpolation.
Audit Metadata
Risk Level
SAFE
Analyzed
Feb 24, 2026, 12:17 AM