mistral-core-workflow-b

Pass

Audited by Gen Agent Trust Hub on Mar 12, 2026

Risk Level: SAFE
Finding category: PROMPT_INJECTION
Full Analysis
  • [PROMPT_INJECTION]: The skill exhibits an indirect prompt injection surface within its RAG (Retrieval-Augmented Generation) and function-calling logic.
  • Ingestion points: Untrusted data enters the agent's context via the indexKnowledge and chat methods in the RAGChat class, as well as the userMessage parameter in chatWithTools within SKILL.md.
  • Boundary markers: The system prompt used for RAG does not employ robust delimiters (e.g., XML tags or specific separators) or explicit instructions to ignore potentially malicious instructions embedded within the retrieved context.
  • Capability inventory: The skill leverages the official Mistral AI SDK to perform chat completions and embedding generation, and it implements a loop that executes local functions based on model output.
  • Sanitization: There is no evidence of input validation, sanitization, or filtering applied to the retrieved context or user-provided messages before they are interpolated into the system prompt.
Audit Metadata
Risk Level: SAFE
Analyzed: Mar 12, 2026, 01:03 AM