retrieval-search-orchestration
Pass
Audited by Gen Agent Trust Hub on Apr 16, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: No security issues were detected. The skill consists of Markdown and JSON documentation providing architectural guidance for Knowledge Graph retrieval.
- [INDIRECT_PROMPT_INJECTION]: The skill describes systems that ingest data from external Knowledge Graphs, which inherently involves an indirect prompt injection surface. Ingestion points: External knowledge graphs and source documents referenced in the workflow (SKILL.md). Boundary markers: The methodology recommends explicit citation markers and confidence-based phrasing in LLM instructions to ground the agent (resources/provenance-patterns.md). Capability inventory: The skill specifies the generation and execution of structured queries like Cypher or SPARQL via tool-augmented retrieval patterns (resources/methodology.md). Sanitization: The provided rubric evaluates 'Hallucination Prevention' and 'Provenance Quality' to verify evidence, though implementation-level sanitization of graph data is not detailed (resources/evaluators/rubric_retrieval.json).
Audit Metadata