dspy-bootstrap-fewshot

Fail

Audited by Gen Agent Trust Hub on Feb 17, 2026

Risk Level: CRITICAL
PROMPT_INJECTION
Full Analysis
  • [PROMPT_INJECTION] (LOW): The skill is subject to Indirect Prompt Injection (Category 8) vulnerabilities as its primary purpose is processing untrusted training data to influence model behavior.
      • Ingestion points: The trainset and devset parameters in the optimize_with_bootstrap and optimizer.compile functions.
      • Boundary markers: Absent; the code does not implement delimiters or 'ignore' instructions for the training data.
      • Capability inventory: The skill uses dspy.Module and dspy.teleprompt to execute calls to Large Language Models (OpenAI GPT models) and saves program state to the local filesystem.
      • Sanitization: No validation or sanitization of the training example content is performed before processing.
  • [SAFE] (SAFE): The automated scan finding for 'logger.info' is a false positive. The scanner misidentified a standard Python logging method call (logger.info) as a malicious URL. No actual malicious code or exfiltration patterns were identified in the implementation.
Recommendations
  • Contains 1 malicious URL(s) - DO NOT USE
Audit Metadata
Risk Level: CRITICAL
Analyzed: Feb 17, 2026, 06:21 PM