sap-ai-core
Pass
Audited by Gen Agent Trust Hub on Mar 10, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: Comprehensive review of the skill's documentation and templates found no malicious patterns, hidden code, or security vulnerabilities. The skill's behavior aligns with its stated purpose of providing development guidance for SAP AI services.
- [CREDENTIALS_UNSAFE]: Authentication details, including Client IDs and Secrets, are consistently represented by placeholders like <your-client-id> and <your-client-secret>. No actual credentials or sensitive environment files are exposed.
- [EXTERNAL_DOWNLOADS]: The skill references official SAP domains for documentation and uses standard Python package registries for legitimate SAP-related libraries. No suspicious or unverified third-party downloads were detected.
- [PROMPT_INJECTION]: The skill documentation correctly identifies the risk of prompt injection when dealing with LLMs and provides templates for implementing security guardrails such as PromptShield and Llama Guard 3 within the SAP orchestration service.
- [COMMAND_EXECUTION]: Commands provided in the guides are standard curl requests for interacting with the SAP AI Core API and basic shell commands for environment variable configuration.
Audit Metadata