together-embeddings
Pass
Audited by Gen Agent Trust Hub on Mar 4, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: Indirect prompt injection surface identified in the RAG pipeline pattern.
- Ingestion points: External document data is ingested via the
documentsparameter inscripts/embed_and_rerank.pyandscripts/embed_and_rerank.ts. - Boundary markers: Absent. The example in
SKILL.mdinterpolates context directly into the system prompt without delimiters or instructions to the AI to ignore instructions within that context. - Capability inventory: The skill performs network requests to Together AI's official API endpoints.
- Sanitization: Absent. No filtering or escaping is performed on the retrieved content before it is processed.
Audit Metadata