arize-prompt-optimization
Pass
Audited by Gen Agent Trust Hub on Mar 12, 2026
Risk Level: SAFE EXTERNAL_DOWNLOADS COMMAND_EXECUTION PROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill instructs users to install the `arize-ax-cli` package from PyPI using standard package managers like `pip`, `pipx`, or `uv`. This package is the official tool from the skill's author, Arize-ai.
- [COMMAND_EXECUTION]: Utilizes the `ax` command-line utility to interact with the Arize platform, including listing and exporting spans, traces, and datasets. It also makes extensive use of the `jq` utility to process and join JSON data exported from the CLI.
- [PROMPT_INJECTION]: Features an indirect prompt injection surface where the skill extracts data from production traces (which may contain untrusted user content) and incorporates it into a meta-prompt for prompt optimization.
  - Ingestion points: Data is extracted from local JSON files such as `trace_*/spans.json` and `dataset_*/examples.json`.
  - Boundary markers: The optimization meta-prompt uses section headers like `ORIGINAL BASELINE PROMPT` and `PERFORMANCE DATA` to delineate instructions from external data.
  - Capability inventory: The skill has the capability to execute shell commands, export platform data, and generate prompts for an LLM.
  - Sanitization: The skill does not explicitly perform sanitization or filtering of the trace data before it is interpolated into the meta-prompt.
Audit Metadata