langgraph-human-in-loop

Pass

Audited by Gen Agent Trust Hub on Feb 16, 2026

Risk Level: LOW (PROMPT_INJECTION, EXTERNAL_DOWNLOADS)
Full Analysis
  • PROMPT_INJECTION (LOW): The skill exhibits an Indirect Prompt Injection surface. The HITL patterns capture raw user input via CLI input() and REST API endpoints and store it directly in the workflow state, which is then used by subsequent nodes.
      • Ingestion points: SKILL.md (Feedback Loop Pattern input()), references/api-integration.md (FastAPI ApprovalRequest), and references/feedback-loop.md (input()).
      • Boundary markers: Absent; user input is directly assigned to state keys such as feedback or answer without delimiters.
      • Capability inventory: The skill is explicitly designed to gate 'dangerous operations', 'sensitive actions', and 'publishing' (e.g., SKILL.md, checklists/hitl-checklist.md).
      • Sanitization: None; the captured input is treated as trusted data.
  • EXTERNAL_DOWNLOADS (LOW): The skill code depends on several external Python libraries.
      • Evidence: langgraph, fastapi, pydantic, and uuid-utils are imported or referenced in the implementation snippets.
      • Status: These are legitimate packages from reputable sources, though they represent an external dependency chain.
Audit Metadata
  • Risk Level: LOW
  • Analyzed: Feb 16, 2026, 12:30 AM