rag-implementation
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFE
Full Analysis
- [Prompt Injection] (SAFE): The skill instructions define a specialized persona and provide guidance on following reference files. There are no attempts to bypass safety filters, extract system prompts, or override core instructions using malicious patterns.
- [Data Exposure & Exfiltration] (SAFE): No hardcoded credentials, API keys, or sensitive file paths were found. The code snippets include standard API calls (e.g., OpenAI embeddings) but no unauthorized external data transfers.
- [Obfuscation] (SAFE): All content is in plain text. No Base64, zero-width characters, or encoded commands are present.
- [Unverifiable Dependencies & Remote Code Execution] (SAFE): The skill does not include package management files (requirements.txt, package.json) and does not perform remote script execution or dynamic code generation from untrusted sources.
- [Indirect Prompt Injection] (LOW): The skill is designed to process external document data for RAG. While it has the capability to ingest untrusted data, it lacks dangerous capabilities (like shell access or file writing) that could be exploited via indirect injection. The logic primarily focuses on embedding and ranking content.
- [Dynamic Execution] (SAFE): Code snippets provided are for reference and do not involve runtime compilation or unsafe deserialization of external data.
Audit Metadata