continuous-llm-red-teaming-with-promptfoo

Pass

Audited by Gen Agent Trust Hub on Jun 23, 2026

Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADS
Full Analysis
  • [COMMAND_EXECUTION]: The helper script scripts/agent.py invokes the promptfoo CLI tool using subprocess.run(). This implementation follows security best practices by passing arguments as a list rather than a shell string, effectively preventing command injection vulnerabilities.
  • [EXTERNAL_DOWNLOADS]: The skill utilizes promptfoo and deepteam, which are well-recognized open-source projects for AI security and evaluation. These are installed via standard package managers (npm and pip) from official registries, which is standard procedure for using these tools.
Audit Metadata
Risk Level
SAFE
Analyzed
Jun 23, 2026, 01:39 PM
Security Audit — agent-trust-hub — continuous-llm-red-teaming-with-promptfoo