arize-evaluator

Pass

Audited by Gen Agent Trust Hub on May 5, 2026

Risk Level: SAFE
EXTERNAL_DOWNLOADS, COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill uses the arize-ax-cli (ax) command-line tool to interact with the Arize platform. It performs operations such as exporting telemetry spans, creating judge definitions, and triggering evaluation runs.
  • [EXTERNAL_DOWNLOADS]: The documentation in references/ax-setup.md provides instructions for installing the arize-ax-cli package using standard package managers like pip, uv, or pipx. These are downloads from a well-known service provider.
  • [PROMPT_INJECTION]: The skill contains a potential surface for indirect prompt injection.
      ◦ Ingestion points: Data is ingested via ax spans export and ax experiments export commands (SKILL.md).
      ◦ Boundary markers: There are no explicit boundary markers or instruction-ignoring delimiters used when displaying exported data in the agent's context.
      ◦ Capability inventory: The skill has capabilities to execute ax CLI commands for data export, resource creation, and integration management across multiple files (SKILL.md, references/ax-profiles.md).
      ◦ Sanitization: There is no evidence of sanitization or filtering of the telemetry data before it is read by the agent for structural analysis.
Audit Metadata
Risk Level: SAFE
Analyzed: May 5, 2026, 12:22 AM