dspy
Fail
Audited by Snyk on Jun 29, 2026
Risk Level: CRITICAL
Full Analysis
CRITICAL E006: Malicious code pattern detected in skill scripts.
- Malicious code pattern detected (high risk: 1.00). The docs include dynamic code execution patterns (ProgramOfThought that "generates and executes Python code" and multiple uses of eval/exec-like evaluation in example tools), which create clear remote code execution/backdoor risk even though there is no overt data-exfiltration or credential-harvesting code shown.
Issues (1)
E006
CRITICALMalicious code pattern detected in skill scripts.
Audit Metadata