rag
Pass
Audited by Gen Agent Trust Hub on Mar 25, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill documentation and accompanying code assets demonstrate safe practices for building AI-driven search systems. No malicious patterns or security violations were found during the analysis.
- [CREDENTIALS_UNSAFE]: The skill correctly avoids hardcoded credentials. It utilizes environment variable lookups (e.g., System.getenv("DB_PASSWORD")) and YAML placeholders to manage sensitive API keys and database access.
- [PROMPT_INJECTION]: The skill identifies the inherent risk of indirect prompt injection in RAG architectures and provides a clear defense-in-depth approach.
  - Ingestion points: External data is ingested through various loaders as defined in SKILL.md and assets/retriever-pipeline.java.
  - Boundary markers: Recommended implementation patterns include structured prompt templates and grounding checks to separate context from instructions.
  - Capability inventory: Access is restricted to necessary tools (Read, Write, Bash) for document management.
  - Sanitization: The skill provides specific instructions to validate and sanitize all external content and apply content filtering before LLM processing.
Audit Metadata