skills/lebsral/dspy-programming-not-prompting-lms-skills/ai-tracking-experiments/Gen Agent Trust Hub
ai-tracking-experiments
Pass
Audited by Gen Agent Trust Hub on Feb 16, 2026
Risk Level: LOW
Full Analysis
- [DATA_EXFILTRATION] (INFO): The code initiates network requests to external LLM providers (OpenAI, Anthropic) via the DSPy library for model evaluation. This is standard and expected behavior for this framework.
- [INDIRECT_PROMPT_INJECTION] (LOW): The skill demonstrates processing external data (
ticket_text) through a language model classifier. This creates a potential surface for indirect prompt injection where malicious input could influence the model's logic. However, as the example focuses on classification and logging with no high-privilege side effects, the risk is negligible. - [EXTERNAL_DOWNLOADS] (LOW): The code depends on the
dspypackage, which is a standard library for programmatic LLM usage.
Audit Metadata