Skills
skills/zainhas/skills/together-embeddings/Gen Agent Trust Hub

together-embeddings

Pass

Audited by Gen Agent Trust Hub on Mar 30, 2026

Risk Level: SAFE
Full Analysis
  • [COMMAND_EXECUTION]: The skill provides Python and TypeScript scripts that execute standard API calls to Together AI. Commands mentioned in documentation (e.g., uv pip install) are standard dependency management practices and are not used for malicious purposes.
  • [EXTERNAL_DOWNLOADS]: The skill references official Together AI documentation and SDKs. These are trusted sources and are necessary for the skill's primary functionality.
  • [DATA_EXFILTRATION]: No evidence of data exfiltration was found. Network operations are strictly limited to official Together AI API endpoints (api.together.xyz) for generating embeddings and reranking documents.
  • [PROMPT_INJECTION]: The rag_pipeline.py script includes a system prompt for answer generation based on retrieved context. It follows best practices for RAG (Retrieval-Augmented Generation) and does not attempt to bypass safety filters or override agent behavior.
  • [CREDENTIALS_UNSAFE]: The skill correctly instructs users to manage their API keys via environment variables (TOGETHER_API_KEY) and does not contain any hardcoded secrets.
Audit Metadata
Risk Level
SAFE
Analyzed
Mar 30, 2026, 06:15 PM