Skills
skills/qdrant/skills/qdrant-clients-sdk/Gen Agent Trust Hub

qdrant-clients-sdk

Pass

Audited by Gen Agent Trust Hub on Apr 1, 2026

Risk Level: SAFEEXTERNAL_DOWNLOADSDATA_EXFILTRATIONPROMPT_INJECTION
Full Analysis
  • [EXTERNAL_DOWNLOADS]: The skill provides installation instructions for official Qdrant SDKs across multiple languages, including Python (qdrant-client), JavaScript (@qdrant/js-client-rest), Rust, Go, .NET, and Java. These resources are hosted on well-known, official repositories and registries.
  • [DATA_EXFILTRATION]: The skill documents network requests to vendor-managed domains (api.qdrant.tech and snippets.qdrant.tech) to retrieve API documentation and code examples.
  • [PROMPT_INJECTION]: The skill presents an indirect prompt injection surface through the ingestion of external code snippets.
  • Ingestion points: Code examples are fetched from https://snippets.qdrant.tech/search (SKILL.md).
  • Boundary markers: No explicit markers are used to isolate or warn against instructions contained within the fetched snippets.
  • Capability inventory: The skill environment includes the Bash tool, which could potentially be used to execute code fetched via the snippet search API.
  • Sanitization: No sanitization or verification procedures are specified for the external data retrieved from the search service.
Audit Metadata
Risk Level
SAFE
Analyzed
Apr 1, 2026, 12:30 PM