vector-db-search

Pass

Audited by Gen Agent Trust Hub on Mar 9, 2026

Risk Level: SAFE
Findings: EXTERNAL_DOWNLOADS, REMOTE_CODE_EXECUTION, COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
  • [EXTERNAL_DOWNLOADS]: The skill fetches the nomic-ai/nomic-embed-text-v1.5 model from Hugging Face during the initialization of the vector store operations in scripts/operations.py.
  • [REMOTE_CODE_EXECUTION]: In scripts/operations.py, the HuggingFaceEmbeddings class is configured with trust_remote_code=True, which permits the execution of arbitrary code provided within the downloaded model repository.
  • [COMMAND_EXECUTION]: The initialization script scripts/init.py executes system commands via subprocess.check_call to install Python dependencies from the requirements.txt file.
  • [PROMPT_INJECTION]: The skill exhibits an indirect prompt injection surface. Ingestion points: The ingest.py script reads arbitrary files matching the project manifest. Boundary markers: The skill uses delimiters like --- RLM SUPER-RAG CONTEXT --- for summaries and separators in search results. Capability inventory: The agent has access to Bash and Read tools. Sanitization: No content-level sanitization or instruction filtering is performed on ingested data before it is indexed or retrieved.
Audit Metadata
Risk Level: SAFE
Analyzed: Mar 9, 2026, 06:37 PM