haystack
Pass
Audited by Gen Agent Trust Hub on Mar 11, 2026
Risk Level: SAFE
PROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The documentation and scripts recommend installing the `haystack-ai` and `sentence-transformers` libraries via standard package managers. These are well-known, legitimate open-source libraries for building AI search systems.
- [PROMPT_INJECTION]: The skill demonstrates the construction of Retrieval-Augmented Generation (RAG) pipelines in `scripts/basic_rag_pipeline.py`. This introduces a standard indirect prompt injection surface as user queries and retrieved documents are interpolated into LLM prompts.
  - Ingestion points: User input (`query`) and retrieved data (`documents`) in `scripts/basic_rag_pipeline.py` and `references/components.md`.
  - Boundary markers: The templates use standard text headers like "Context:" and "Question:" to delimit content.
  - Capability inventory: The pipeline has the capability to generate text via the `OpenAIChatGenerator` based on the provided context.
  - Sanitization: The example code does not implement explicit sanitization of retrieved content, which is typical for framework-level documentation but represents a surface to be aware of during implementation.
- [CREDENTIALS_UNSAFE]: The skill correctly implements secret management by using Haystack's `Secret.from_env_var` utility in `scripts/basic_rag_pipeline.py`, ensuring that sensitive API keys are not hardcoded in the source code.
Audit Metadata