dspy-primitives

Pass

Audited by Gen Agent Trust Hub on Apr 26, 2026

Risk Level: SAFE
Findings: PROMPT_INJECTION, DATA_EXFILTRATION
Full Analysis
  • [PROMPT_INJECTION]: The documentation outlines methods for the agent to ingest and process untrusted external data (images, audio, code, history) which creates a surface for indirect prompt injection. Mandatory Evidence: (1) Ingestion points: Remote URLs and user code inputs; (2) Boundary markers: Markdown blocks for code and structured dictionaries for history; (3) Capability inventory: Data is processed by LLMs via dspy.Predict; (4) Sanitization: Examples lack input validation for URLs or paths.
  • [DATA_EXFILTRATION]: The skill documentation illustrates the use of local file paths (e.g., '/path/to/photo.png') to load data into the agent's context. This capability provides a surface for potential exposure of local files if used without proper path validation.
Audit Metadata
Risk Level: SAFE
Analyzed: Apr 26, 2026, 09:00 AM