llamaindex

Pass

Audited by Gen Agent Trust Hub on Feb 17, 2026

Risk Level: SAFE
Full Analysis
  • Indirect Prompt Injection (LOW): The guides describe patterns for ingesting untrusted data from web pages, GitHub repositories, and local directories. This is a standard RAG surface where malicious instructions in documents could attempt to influence agent behavior.
      • Ingestion points: SimpleWebPageReader, GithubRepositoryReader, and SimpleDirectoryReader in data_connectors.md.
      • Boundary markers: Examples in query_engines.md show the use of dashed line delimiters in PromptTemplate to separate context from instructions.
      • Capability inventory: The documentation shows agents capable of text synthesis and calling localized tools (e.g., multiply in agents.md).
      • Sanitization: Explicit sanitization or filtering of retrieved content is not implemented in these basic reference snippets.
  • Data Exposure (SAFE): The documentation uses safe placeholders like integration_token="your-token" for API credentials rather than hardcoding actual secrets.
Audit Metadata
Risk Level: SAFE
Analyzed: Feb 17, 2026, 06:05 PM