dspy-better-together
Pass
Audited by Gen Agent Trust Hub on May 13, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill provides legitimate instructions for model optimization using the well-known DSPy library. Analysis of the provided scripts and instructions revealed no signs of prompt injection, data exfiltration, or unauthorized command execution.
- [INDIRECT_PROMPT_INJECTION]: The skill demonstrates processing external datasets for model training and validation. While this creates a potential surface for indirect prompt injection if untrusted data contains malicious instructions, this is a standard requirement for the skill's intended purpose and is considered low risk within a development environment.
- Ingestion points: External training and validation data loaded from JSON files (
intents.json,reviews.json) or local variables. - Boundary markers: None explicitly defined in the provided code examples.
- Capability inventory: Performs model fine-tuning via API calls and saves optimized programs to the local filesystem using
compiled.save(). - Sanitization: Standard data parsing and loading are employed; no specific input sanitization for instructions is shown in the snippets.
Audit Metadata