Skills
skills/jeremylongshore/claude-code-plugins-plus-skills/langchain-cost-tuning/Gen Agent Trust Hub

langchain-cost-tuning

Pass

Audited by Gen Agent Trust Hub on Apr 2, 2026

Risk Level: SAFEPROMPT_INJECTION
Full Analysis
  • [PROMPT_INJECTION]: Indirect Prompt Injection Surface\n
  • Ingestion points: The summarize_context function and the router logic in references/implementation.md accept untrusted data through the long_text and input_data parameters.\n
  • Boundary markers: Prompt templates in references/implementation.md lack delimiters (such as XML tags or triple backticks) and explicit instructions for the model to ignore embedded commands within the interpolated text.\n
  • Capability inventory: The implementation includes capabilities to invoke language models (llm.invoke) and branch execution flow via RunnableBranch based on input content.\n
  • Sanitization: No input validation, filtering, or sanitization is observed in references/implementation.md prior to prompt interpolation.\n- [SAFE]: External Resources and Documentation\n
  • The skill references the official GitHub repository for the tiktoken library by OpenAI.\n
  • It provides links to pricing documentation from trusted service providers, including OpenAI and Anthropic.
Audit Metadata
Risk Level
SAFE
Analyzed
Apr 2, 2026, 01:35 AM