Skills
skills/housegarofalo/claude-code-base/llamaindex/Gen Agent Trust Hub

llamaindex

Pass

Audited by Gen Agent Trust Hub on Mar 15, 2026

Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill includes instructions to use the system shell to install the llama-index library and its associated integrations via pip.
  • [EXTERNAL_DOWNLOADS]: The installation steps involve downloading official packages from the Python Package Index (PyPI). These are standard dependencies for the LlamaIndex framework.
  • [PROMPT_INJECTION]: The skill documents the creation of systems that ingest untrusted data from various sources, which constitutes a surface for indirect prompt injection.
  • Ingestion points: Data is ingested via SimpleDirectoryReader (local file system), SimpleWebPageReader (external URLs), and DatabaseReader (database queries) in SKILL.md.
  • Boundary markers: The provided examples do not explicitly demonstrate the use of prompt delimiters or instructions to ignore embedded commands within the processed data.
  • Capability inventory: The skill facilitates file system access, network requests (web reading), and database connectivity to build knowledge bases.
  • Sanitization: No specific content sanitization, validation, or filtering of external data is demonstrated in the basic configuration examples.
Audit Metadata
Risk Level
SAFE
Analyzed
Mar 15, 2026, 11:08 AM