knowledge-base-rag
Pass
Audited by Gen Agent Trust Hub on Apr 12, 2026
Risk Level: SAFE
Full Analysis
- [PROMPT_INJECTION]: No attempts to override agent behavior, bypass safety guidelines, or extract system prompts were detected. The prompts used in the Python implementation are standard instructional templates for RAG systems.
- [DATA_EXFILTRATION]: No sensitive file path access, hardcoded credentials, or unauthorized network operations were found. The skill processes data passed directly to its functions without attempting to access the underlying host system.
- [REMOTE_CODE_EXECUTION]: No patterns for downloading or executing remote scripts or code (such as curl|bash) were identified. The implementation uses standard Python logic and libraries.
- [COMMAND_EXECUTION]: The skill does not perform arbitrary shell command execution or subprocess spawning.
- [EXTERNAL_DOWNLOADS]: No external dependencies, packages, or remote resources are downloaded or installed at runtime.
- [CREDENTIALS_UNSAFE]: No hardcoded API keys, tokens, or other secrets were found. The skill follows best practices by assuming credentials for external services (LLM, Vector Store) are handled by the provided abstractions.
- [OBFUSCATION]: No encoded content, zero-width characters, homoglyphs, or other obfuscation techniques were detected in the instructions or the implementation code.