agenta
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFE
Findings: EXTERNAL_DOWNLOADS, PROMPT_INJECTION
Full Analysis
- External Downloads (LOW): The README.md file instructs users to install the 'agenta' Python package and deploy a Docker container from 'ghcr.io/agenta-ai/agenta'. While these are standard practices for the tool, the source organization is not included in the pre-approved trusted list.
- Indirect Prompt Injection (LOW): The skill documentation provides examples that process external strings via LLM completion functions without demonstrating sanitization.
  - Ingestion points: User-controlled data enters the system through the 'prompt' parameter in the 'generate' function and the 'text' parameter in the 'summarize' function.
  - Boundary markers: None are present in the examples; user input is directly interpolated into prompt strings.
  - Capability inventory: The tool includes capabilities to call LLM providers via 'ag.llm.complete'.
  - Sanitization: No input validation or escaping mechanisms are shown in the provided snippets.