langgraph
Pass
Audited by Gen Agent Trust Hub on Apr 17, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill provides documentation and coding patterns for the LangGraph framework without any malicious intent or hidden code. The instructions focus on establishing robust and secure workflow management.- [CREDENTIALS_UNSAFE]: Usage of connection strings in examples like
PostgresSaver.from_conn_string("postgresql://...")uses generic placeholders and adheres to best practices by recommending environment variable management and .env files.- [EXTERNAL_DOWNLOADS]: Referenced packages and libraries such as@langchain/langgraph,pydantic, andsentence-transformersare well-known, established libraries in the AI ecosystem. These are documented for use in standard development workflows.- [DATA_EXFILTRATION]: The skill provides guidance on usingWebFetchandWebSearchtools within a controlled workflow environment. It specifically addresses risks by providing patterns for human-in-the-loop (HITL) approval gates. (1) Ingestion: Processes user-suppliedqueryandmessages. (2) Boundary: Recommendsinterrupt()for human approval and explicit TypedDict schemas. (3) Capability: Demonstrates tool execution and state updates. (4) Sanitization: Promotes Pydantic validation and state reducers to prevent schema confusion.
Audit Metadata