mistral-reference-architecture

Pass

Audited by Gen Agent Trust Hub on Apr 4, 2026

Risk Level: SAFE
PROMPT_INJECTION
Full Analysis
  • [PROMPT_INJECTION]: The skill defines architectural patterns for prompt templates that interpolate untrusted user data without sanitization or robust delimiters, which constitutes a surface for indirect prompt injection.
  • Ingestion points: Untrusted data enters the agent context via the userTemplate functions in the PROMPTS object (SKILL.md) and the templates object (references/implementation.md).
  • Boundary markers: While specific templates use markdown code blocks (e.g., codeReview), most templates lack delimiters or instructions to ignore embedded commands.
  • Capability inventory: The architecture facilitates network operations and chat completions via the Mistral AI SDK.\n
  • Sanitization: The provided code snippets do not implement input validation or escaping for the external content before interpolation.
Audit Metadata
Risk Level: SAFE
Analyzed: Apr 4, 2026, 06:43 PM