ai-summarizing

Pass

Audited by Gen Agent Trust Hub on May 13, 2026

Risk Level: SAFE
Full Analysis
  • [INDIRECT_PROMPT_INJECTION]: The skill's primary purpose is to process untrusted external content (transcripts, documents, support threads), which is a common vector for indirect prompt injection attacks.
  • Ingestion points: SKILL.md (Steps 2, 3, 5, 6) and examples.md (Examples 1, 2, 3) define the `text`, `transcript`, `thread`, and `document` inputs, each of which is filled with untrusted user-supplied or external data.
  • Boundary markers: The provided dspy.Signature definitions do not include delimiters or instructions for the model to ignore potential commands embedded in the source text.
  • Capability inventory: The skill only demonstrates LLM inference patterns. It does not include subprocess execution, file system modifications, or network operations beyond the standard model provider calls.
  • Sanitization: No input validation or output sanitization logic is implemented in the tutorial snippets.
Audit Metadata
Risk Level: SAFE
Analyzed: May 13, 2026, 06:45 PM
Security Audit — agent-trust-hub — ai-summarizing