AgentDB Vector Search

Warn

Audited by Gen Agent Trust Hub on Feb 17, 2026

Risk Level: MEDIUM
Findings: EXTERNAL_DOWNLOADS, REMOTE_CODE_EXECUTION, PROMPT_INJECTION
Full Analysis
  • EXTERNAL_DOWNLOADS (MEDIUM): The skill utilizes npx agentdb@latest to install and run tools from the npm registry. The package originates from an untrusted source ('ruvnet').
  • REMOTE_CODE_EXECUTION (MEDIUM): The use of npx for package execution fetches and runs remote code.
  • PROMPT_INJECTION (LOW): The RAG implementation example shows an indirect prompt injection surface. Evidence Chain:
    1. Ingestion points: Data is processed via AgentDB storage and retrieval methods as seen in SKILL.md.
    2. Boundary markers: No delimiters or 'ignore' instructions are present in the provided LLM prompt template example.
    3. Capability inventory: The skill facilitates LLM generation (llm.generate) based on retrieved data.
    4. Sanitization: No input sanitization or escaping is used for external context before it is interpolated into the prompt.
Audit Metadata
  • Risk Level: MEDIUM
  • Analyzed: Feb 17, 2026, 06:43 PM