dspy-vizpy

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill explicitly sends training data to the VizPy SaaS (vizpy.vizops.ai) via vizpy.ContraPromptOptimizer.compile() and vizpy.PromptGradOptimizer.compile(), and then uses the optimized instructions/program returned from that third-party service to drive agent behavior, exposing the agent to untrusted external content that can change its actions.

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

• Potentially malicious external URL detected (high risk: 0.90). The skill imports and uses the vizpy SDK (pip install vizpy) which contacts the VizPy SaaS at https://vizpy.vizops.ai at runtime (e.g., vizpy.ContraPromptOptimizer.compile) to send training data and return optimized instruction text that directly controls prompts, making this an external runtime dependency that influences agent behavior.