Skills
skills/richfrem/agent-plugins-skills/vector-db-cleanup/Gen Agent Trust Hub

vector-db-cleanup

Pass

Audited by Gen Agent Trust Hub on Mar 12, 2026

Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
  • [EXTERNAL_DOWNLOADS]: The init.py script automatically installs necessary Python libraries from a requirements.txt file using pip. These dependencies include well-known packages such as chromadb, langchain, and sentence-transformers required for vector database operations.
  • [COMMAND_EXECUTION]: The skill executes system commands via Python's subprocess module to manage dependencies and provides wrappers for database maintenance operations. Specifically, cleanup.py performs deletion operations on the vector database to remove stale metadata and embeddings.
  • [PROMPT_INJECTION]: The skill implements a Retrieval-Augmented Generation (RAG) architecture. As it indexes local files for retrieval, it possesses a surface for indirect prompt injection if the source documents contains malicious instructions.
  • Ingestion points: Files are discovered based on the vector_knowledge_manifest.json and read via vector_config.py.
  • Boundary markers: None identified in the provided scripts.
  • Capability inventory: Dependency installation (init.py) and database deletions (cleanup.py).
  • Sanitization: Content is indexed as raw text chunks without explicit sanitization logic.
Audit Metadata
Risk Level
SAFE
Analyzed
Mar 12, 2026, 07:44 AM