arize-prompt-optimization
Pass
Audited by Gen Agent Trust Hub on May 26, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill demonstrates excellent security posture by providing explicit negative instructions regarding credential handling. It forbids the agent from reading
.envfiles, searching the filesystem for secrets, or asking users to paste API keys into the chat, directing them instead to secure environment variables or the official Arize CLI profile management system. - [SAFE]: External dependencies and tools, such as the
arize-ax-cli, are official resources from the vendor (Arize) and are necessary for the skill's primary function of prompt optimization and observability. - [SAFE]: While the skill processes untrusted trace data (spans and annotations), it mitigates the risk of indirect prompt injection by providing a structured 'Optimization Meta-Prompt' template. This template uses clear boundary markers (e.g.,
ORIGINAL BASELINE PROMPT,PERFORMANCE DATA) and explicit instructions to focus on failures without blindly following instructions embedded within the processed data.
Audit Metadata