javascript-sdk
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFE
Full Analysis
- Indirect Prompt Injection (SAFE): The SDK documentation describes methods for processing external data via AI models, which is an inherent surface for indirect prompt injection.
  - Ingestion points: Untrusted data enters the context through the `input` object in `client.run` and message content in `agent.sendMessage` as shown in `references/files.md` and `references/streaming.md`.
  - Boundary markers: The examples do not demonstrate the use of delimiters or specific instructions to ignore embedded commands.
  - Capability inventory: The skill allows for network communication with `api.inference.sh` and local file reading via `readFileSync` or automatic path-based uploads.
  - Sanitization: No specific input sanitization or validation logic is presented in the reference material.
- Data Exposure & Exfiltration (SAFE): The reference material describes intended file-handling capabilities, such as uploading local files by path. No sensitive system paths are used in examples, and the behavior is consistent with the primary purpose of the SDK.
- Credentials Security (SAFE): The documentation provides proactive security advice in `references/server-proxy.md`, instructing developers on how to use backend proxies to avoid exposing API keys in browser environments.
Audit Metadata