moorcheh
Pass
Audited by Gen Agent Trust Hub on Mar 14, 2026
Risk Level: SAFE
PROMPT_INJECTION, EXTERNAL_DOWNLOADS, COMMAND_EXECUTION
Full Analysis
- [PROMPT_INJECTION]: The skill implements Retrieval-Augmented Generation (RAG) patterns that process external or user-provided data, creating a potential surface for indirect prompt injection.
  - Ingestion points: The `scripts/generate_answer.py` script retrieves context from namespaces, and `scripts/upload_text.py` uploads documents from JSON files.
  - Boundary markers: Absent. The scripts do not use specific delimiters or instructions to prevent the agent from following commands embedded within retrieved documents.
  - Capability inventory: The `scripts/generate_answer.py` script synthesizes natural language answers based on retrieved context, and `scripts/search.py` performs semantic searches.
  - Sanitization: Absent. The skill's scripts do not perform local filtering or sanitization of ingested content, relying instead on the backend Moorcheh API for safety.
- [EXTERNAL_DOWNLOADS]: The skill requires external dependencies for its operation, which are vendor-provided or standard libraries.
  - Downloads the `moorcheh-sdk` Python package, which is the official software development kit for the platform.
  - References the `requests` library for API communication.
- [COMMAND_EXECUTION]: The skill includes Python scripts designed to execute operations via the Moorcheh SDK, such as namespace management and data indexing.
  - These scripts (`create_namespace.py`, `upload_text.py`, etc.) are standard CLI tools for interacting with the service and do not contain arbitrary command execution vulnerabilities.
Audit Metadata