dspy-framework
Fail
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: CRITICAL
Full Analysis
- SAFE: The provided metadata file contains no executable code, malicious instructions, or obfuscated content.
- External Downloads (SAFE): The skill specifies installation of the legitimate
dspy-aipackage and standard provider libraries (OpenAI, Anthropic). No suspicious or typosquatted dependencies were identified. - Indirect Prompt Injection (LOW): By design, the DSPy framework optimizes prompts using external data, creating an inherent surface for indirect prompt injection.
- Ingestion points: Training and evaluation datasets processed by modules such as
BootstrapFewShotandMIPROv2. - Boundary markers: None specified in metadata; standard DSPy signatures typically do not enforce strict delimiters for training data.
- Capability inventory: The framework facilitates multi-hop reasoning, agent routing, and code generation (
ProgramOfThought). - Sanitization: No explicit sanitization or validation logic is defined in the metadata for the ingested data.
- Automated Scan Note: The scanner alert regarding
self.logger.infoappears to be a false positive, as that string is a common logging call and is not present in the analyzed file.
Recommendations
- Contains 1 malicious URL(s) - DO NOT USE
Audit Metadata