dspy-utils

Pass

Audited by Gen Agent Trust Hub on Mar 22, 2026

Risk Level: SAFE
Findings: EXTERNAL_DOWNLOADS, COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
  • [EXTERNAL_DOWNLOADS]: The skill documentation recommends installing the dspy[mcp] package via pip to enable Model Context Protocol support.
  • [COMMAND_EXECUTION]: The instructions for MCP integration demonstrate how to initialize local servers using StdioServerParameters, which involves executing local commands or scripts (e.g., python path/to/your/mcp_server.py) to establish a subprocess-based communication session.
  • [PROMPT_INJECTION]: The skill exposes an indirect prompt injection surface through the processing of external data in DSPy modules.
      ◦ Ingestion points: Untrusted data enters the agent context via input fields such as question in the streaming example and ticket_text in the classification module (SKILL.md, examples.md).
      ◦ Boundary markers: The skill documentation notes the use of ChatAdapter delimiters (e.g., [[ ## field_name ## ]]) to separate fields within the LM prompt (SKILL.md).
      ◦ Capability inventory: The skill can perform local file read/write operations for state persistence via save and load methods, and can execute subprocesses for MCP server sessions (SKILL.md).
      ◦ Sanitization: No explicit input sanitization or validation logic is detailed in the provided code snippets; the skill relies instead on framework-level markers.
Audit Metadata
Risk Level: SAFE
Analyzed: Mar 22, 2026, 01:47 AM