Model Evaluator
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [Prompt Injection] (LOW): Indirect prompt injection vulnerability identified in the LLM-as-Judge protocol section.
- Ingestion points: Untrusted data enters via the
{question},{response}, and{ground_truth}variables in the evaluation prompt template. - Boundary markers: Absent. The template does not use delimiters or instructions to prevent the judge LLM from following commands embedded within the response being evaluated.
- Capability inventory: The skill utilizes
model.predictand prompt-based judging, which can be influenced by malicious content in the processed data. - Sanitization: Absent. There is no evidence of input filtering or escaping for the variables interpolated into the judge prompt.
Audit Metadata