arize-prompt-optimization

Pass

Audited by Gen Agent Trust Hub on May 6, 2026

Risk Level: SAFE
Findings: PROMPT_INJECTION, EXTERNAL_DOWNLOADS, COMMAND_EXECUTION
Full Analysis
  • [PROMPT_INJECTION]: The skill processes untrusted data from production traces and datasets which is then interpolated into a 'meta-prompt' for the LLM. This creates an indirect prompt injection surface where malicious data in a trace could influence the optimization process.
  • Ingestion points: Trace data exported via ax spans export and datasets via ax datasets export (SKILL.md).
  • Boundary markers: The meta-prompt uses structural headers (e.g., 'PERFORMANCE DATA') and visual delimiters (================) to separate external data from instructions.
  • Capability inventory: The skill executes shell commands (ax, jq, export) and provides instructions for profile management.
  • Sanitization: No explicit sanitization or filtering of the processed trace content is mentioned before it is interpolated into the prompt template.
  • [EXTERNAL_DOWNLOADS]: The skill provides instructions to download and install the arize-ax-cli package from standard registries using uv, pipx, or pip (references/ax-setup.md).
  • [COMMAND_EXECUTION]: The skill uses various shell commands for its core functionality, including the ax CLI for Arize operations and jq for JSON manipulation. It also suggests persisting configuration by appending export commands to shell profiles such as ~/.zshrc or ~/.bashrc (references/ax-profiles.md).
Audit Metadata
Risk Level: SAFE
Analyzed: May 6, 2026, 01:59 AM