dspy-custom-module-design

Fail

Audited by Gen Agent Trust Hub on Feb 17, 2026

Risk Level: CRITICAL (PROMPT_INJECTION)
Full Analysis
  • [SAFE] (SAFE): No malicious logic, obfuscation, or persistence mechanisms were found in the skill.
  • [EXTERNAL_DOWNLOADS] (SAFE): The skill references official project documentation and repositories.
  • [PROMPT_INJECTION] (LOW): This finding identifies an indirect prompt injection surface.
    1. Ingestion points: forward methods in ProductionRAG and RobustClassifier (SKILL.md) ingest user strings.
    2. Boundary markers: Absent from the provided code examples.
    3. Capability inventory: Modules invoke LLM predictors and perform local file operations for state serialization.
    4. Sanitization: Examples show basic checks for empty input but do not implement prompt sanitization.
Recommendations
  • Contains 1 malicious URL(s) - DO NOT USE
Audit Metadata
Risk Level
CRITICAL
Analyzed
Feb 17, 2026, 06:23 PM