rag-service
Pass
Audited by Gen Agent Trust Hub on Feb 16, 2026
Risk Level: LOWPROMPT_INJECTION
Full Analysis
- [Indirect Prompt Injection] (LOW): The skill facilitates the ingestion and retrieval of external, potentially untrusted content.
- Ingestion points: The
savemethod inSKILL.mdallows documents from external sources to be stored. - Boundary markers: The client implementation does not demonstrate the use of delimiters or instructions to the agent to disregard instructions within retrieved text.
- Capability inventory: The skill provides content that influences agent reasoning and decision-making by providing search results.
- Sanitization: There is no evidence of sanitization or filtering for the retrieved text strings before they are returned to the agent context.
Audit Metadata