ai-rag-pipeline
Pass
Audited by Gen Agent Trust Hub on Mar 17, 2026
Risk Level: SAFE (PROMPT_INJECTION, COMMAND_EXECUTION)
Full Analysis
- [PROMPT_INJECTION]: Indirect prompt injection surface identified in the RAG pipeline patterns.
- Ingestion points: Data retrieved from web search (Tavily, Exa) and content extraction tools.
- Boundary markers: The examples neither wrap retrieved content in delimiters (e.g., XML or Markdown blocks) nor instruct the model to ignore commands embedded in external context.
- Capability inventory: Uses infsh CLI via Bash to execute search and LLM tools.
- Sanitization: Untrusted web content is directly interpolated into prompt strings without validation or escaping.
- [COMMAND_EXECUTION]: The skill uses the infsh command within a restricted Bash environment to perform authentication and run AI applications.
Audit Metadata