Skills
skills/databricks-solutions/vibe-coding-workshop-template/production-monitoring/Gen Agent Trust Hub

production-monitoring

Pass

Audited by Gen Agent Trust Hub on Mar 8, 2026

Risk Level: SAFEPROMPT_INJECTION
Full Analysis
  • [PROMPT_INJECTION]: The skill implements LLM-based evaluators that are vulnerable to indirect prompt injection during the assessment of production traces. \n
  • Ingestion points: The relevance_scorer and guidelines_scorer functions in scripts/register_production_scorers.py and references/registered-scorers.md process untrusted data from agent inputs and outputs. \n
  • Boundary markers: The LLM judge prompts (e.g., judge_prompt) lack robust delimiters or specific instructions to ignore malicious commands embedded within the evaluated trace content. \n
  • Capability inventory: The skill uses mlflow.models.register_scorer to deploy these evaluators for continuous monitoring and mlflow.genai.assess for ad-hoc evaluations. \n
  • Sanitization: No input validation or escaping is applied to the trace data before it is interpolated into the judge prompts, allowing potential instruction override by the data being evaluated.
Audit Metadata
Risk Level
SAFE
Analyzed
Mar 8, 2026, 02:33 AM