ai-rag-pipeline
Pass
Audited by Gen Agent Trust Hub on Apr 16, 2026
Risk Level: SAFE
PROMPT_INJECTION, EXTERNAL_DOWNLOADS
Full Analysis
- [PROMPT_INJECTION]: The skill demonstrates patterns for ingesting untrusted data from web search tools and external URLs into LLM prompts.
  - Ingestion points: External content is retrieved via `tavily/search-assistant`, `exa/search`, and `tavily/extract` and then interpolated into prompt strings as seen in `SKILL.md` examples.
  - Boundary markers: The example prompt templates do not use specific delimiters or structured tagging (e.g., XML or Markdown blocks) to isolate external context from instructions.
  - Capability inventory: The skill has access to the `infsh` tool, which enables network operations and interaction with various LLM providers.
  - Sanitization: There are no explicit instructions or code for sanitizing, escaping, or filtering the retrieved web content before it is processed by the agent.
- [EXTERNAL_DOWNLOADS]: The documentation references a shell script installation guide hosted on the developer's official GitHub repository (`github.com/inference-sh/skills`). This is used for setting up the required CLI environment.
Audit Metadata