langsmith-observability
Pass
Audited by Gen Agent Trust Hub on Jun 29, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: Fetches the
langsmithSDK and references prompts from the LangChain Hub. Both are official resources from a well-known service.\n- [COMMAND_EXECUTION]: Includes standard environment configuration and package installation commands. No arbitrary execution detected.\n- [PROMPT_INJECTION]: Thellm_judge_evaluatorexample inreferences/advanced-usage.mddemonstrates an indirect prompt injection surface. * Ingestion points: Untrusted model outputs (prediction) and user queries (question) are ingested inreferences/advanced-usage.md. * Boundary markers: No delimiters or 'ignore' instructions are present in the judge prompt template. * Capability inventory: The judge model's output is used to generate evaluation scores; no dangerous capabilities (like file writing or shell execution) are triggered by this specific workflow. * Sanitization: The example does not include sanitization or escaping of the interpolated inputs.\n- [SAFE]: Recommends the use of environment variables for API key management and highlights standard platform features like file attachment for tracing, following documented SDK practices.
Audit Metadata