ai-data-engineering
Pass
Audited by Gen Agent Trust Hub on Mar 9, 2026
Risk Level: SAFE
Finding category: PROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill is designed to build RAG (Retrieval-Augmented Generation) pipelines that ingest and process untrusted external data sources such as PDF, DOCX, and Markdown files. This architecture creates a surface for indirect prompt injection where malicious instructions embedded in documents could influence the agent's behavior during the generation phase.
  - Ingestion points: Document ingestion stage mentioned in SKILL.md.
  - Boundary markers: No explicit delimiters or 'ignore instructions' markers are defined in the provided snippets.
  - Capability inventory: The skill includes capabilities for script execution (e.g., scripts/evaluate_rag.py) and vector database interactions.
  - Sanitization: No sanitization or content filtering of the retrieved document chunks is implemented in the examples.
Audit Metadata