dspy-finetune-bootstrap
Fail
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: CRITICAL
Full Analysis
- [Data Exposure & Exfiltration] (SAFE): No sensitive data access or exfiltration patterns were detected. While the skill performs logging via `logger.info`, it only records performance metrics (scores) and does not transmit them to external servers.
- [Indirect Prompt Injection] (LOW): The skill possesses a surface for indirect prompt injection as it processes untrusted training and development datasets (`trainset`, `devset`).
  - Ingestion points: `finetune_classifier` and `finetune_rag_classifier` functions take user-provided datasets.
  - Boundary markers: Absent; the examples do not demonstrate the use of delimiters or 'ignore embedded instruction' warnings when processing examples.
  - Capability inventory: The skill uses `dspy.LM` (network/API access) and `finetuned.save` (file write).
  - Sanitization: None provided in the examples.
- [External Downloads] (LOW): The skill references a remote retriever endpoint at `http://20.102.90.50:2017/wiki17_abstracts`. While this is a known public server for DSPy tutorials, it is an unencrypted (HTTP) non-whitelisted domain. This is considered a low-risk dependency in a development context.
- [False Positive Note]: An automated scanner flagged `logger.info` as a malicious URL. This is a false positive caused by the scanner misinterpreting the Python method call as a domain string.
Recommendations
- Contains 1 malicious URL(s) - DO NOT USE
Audit Metadata