dspy-ruby

[Skill Scanner] Installation of third-party script detected All findings: [CRITICAL] command_injection: Installation of third-party script detected (SC006) [AITech 9.1.4] [HIGH] data_exfiltration: Credential file access detected (DE002) [AITech 8.2.3] [HIGH] data_exfiltration: Credential file access detected (DE002) [AITech 8.2.3] [HIGH] data_exfiltration: Credential file access detected (DE002) [AITech 8.2.3] [HIGH] data_exfiltration: Credential file access detected (DE002) [AITech 8.2.3] [HIGH] data_exfiltration: Credential file access detected (DE002) [AITech 8.2.3] [HIGH] data_exfiltration: Credential file access detected (DE002) [AITech 8.2.3] [HIGH] data_exfiltration: Credential file access detected (DE002) [AITech 8.2.3] [HIGH] data_exfiltration: Credential file access detected (DE002) [AITech 8.2.3] [HIGH] data_exfiltration: Credential file access detected (DE002) [AITech 8.2.3] This skill README/instruction file documents a legitimate-seeming Ruby framework (DSPy.rb) for type-safe LLM programming. The capabilities described align with the stated purpose. There is no direct evidence of obfuscated or malicious code in the provided text. Primary security risks are operational: developers must supply API keys and telemetry credentials (ENV vars) and choose provider/proxy endpoints. If misconfigured, prompts and PII may be routed to third-party telemetry or proxy services (Langfuse, OpenRouter, custom Ollama hosts). Agent/tool examples create additional attack surface because those tools can perform arbitrary network or DB access — the documentation does not prescribe sandboxing or least-privilege controls. Recommend: review the actual gem code for any hidden network endpoints or unexpected data exfiltration, ensure telemetry is opt-in with clear redaction, restrict tool implementations, and verify gem provenance on RubyGems before installing.