langgraph-agents
Warn
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: MEDIUM
EXTERNAL_DOWNLOADS, PROMPT_INJECTION
Full Analysis
- Unverifiable Dependencies (MEDIUM): The skill promotes the use of a non-standard and unverified library 'lang-core' for tasks such as PII safety, budget enforcement, and provider routing. This package is not part of the official LangChain or LangGraph ecosystems, posing a potential supply chain risk.
- Prompt Injection (LOW): The defined agent architecture ingests untrusted data from external sources like web searches and SQL queries without evidence of sanitization or boundary markers.
  1. Ingestion points: File SKILL.md (tavily_search, wikipedia, csv_reader).
  2. Boundary markers: Absent in provided snippets.
  3. Capability inventory: SQL execution, multi-agent routing, and web search.
  4. Sanitization: Absent.