zvec
Pass
Audited by Gen Agent Trust Hub on Apr 21, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill provides standard documentation for an in-process vector database library. All documented code snippets and usage patterns are legitimate and consistent with the library's stated purpose.
- [EXTERNAL_DOWNLOADS]: The documentation notes that local embedding and reranking extensions download pre-trained models from public repositories like Hugging Face on first use, which is standard and expected behavior for these AI components.
- [COMMAND_EXECUTION]: The skill includes standard installation instructions using pip and npm for the official library packages.
- [PROMPT_INJECTION]: The database facilitates the ingestion of external data for indexing, representing a typical surface for indirect prompt injection if untrusted content is processed.
- Ingestion points: Document ingestion via
insertandupsertmethods inreferences/data-operations.md. - Boundary markers: None are explicitly defined in the documentation.
- Capability inventory: Supports file system writes via
create_and_openand network-based embedding APIs. - Sanitization: The skill does not provide specific sanitization or validation routines for document content.
Audit Metadata