openserv-agent-sdk
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [Indirect Prompt Injection] (LOW): Several examples, including capability-example.ts and capability-with-agent-methods.ts, demonstrate the interpolation of untrusted user input directly into LLM prompts via the this.generate() method.
- Ingestion points: The text and topic arguments in the run functions of capabilities.
- Boundary markers: No delimiters or explicit instructions to ignore embedded commands are present in the example prompts.
- Capability inventory: The agents in these examples utilize powerful capabilities such as file creation (uploadFile), file deletion (deleteFile), and task delegation (createTask).
- Sanitization: The provided example code does not perform any escaping or validation of user-controlled strings before prompt inclusion.
Audit Metadata