rag-systems

Pass

Audited by Gen Agent Trust Hub on Mar 1, 2026

Risk Level: SAFE
Finding type: PROMPT_INJECTION
Full Analysis
  • [PROMPT_INJECTION]: The skill exhibits an indirect prompt injection surface where untrusted data from documents could influence the agent's behavior.
  • Ingestion points: External data enters the system through PyPDFLoader in SKILL.md and the ingest method in scripts/rag_pipeline.py.
  • Boundary markers: Prompt templates in scripts/rag_pipeline.py (lines 399-408) use text-based labels like 'Context:' and 'Question:', which provide weak separation between instructions and untrusted data.
  • Capability inventory: The RAGPipeline class in scripts/rag_pipeline.py performs retrieval and generation tasks but does not contain dangerous capabilities such as subprocess execution, file writing, or network requests to unknown domains.
  • Sanitization: No sanitization or filtering is performed on the retrieved document chunks before they are interpolated into the final prompt sent to the LLM.
Audit Metadata
Risk Level
SAFE
Analyzed
Mar 1, 2026, 07:47 PM