dspy-gepa-reflective

Fail

Audited by Gen Agent Trust Hub on Feb 17, 2026

Risk Level: CRITICAL (COMMAND_EXECUTION, EXTERNAL_DOWNLOADS)
Full Analysis
  • [COMMAND_EXECUTION] (LOW): The skill uses dspy.PythonInterpreter() in the calculate tool. This allows the model to execute Python-based mathematical expressions, which is a form of dynamic execution. For this use case, it is a standard and expected functionality of the ReAct agent implementation.
  • [EXTERNAL_DOWNLOADS] (LOW): The agent connects to http://20.102.90.50:2017/wiki17_abstracts to retrieve search data. This is an unencrypted HTTP connection to an external research server (Stanford ColBERTv2 demo).
  • [PROMPT_INJECTION] (LOW): The skill is susceptible to indirect prompt injection (Category 8) because it processes external search results and uses a reflective optimizer (GEPA) to refine instructions based on those results.
      • Ingestion points: Data retrieved from the search tool.
      • Boundary markers: None present.
      • Capability inventory: File system access (Read, Write, Glob, Grep) and Python execution via interpreter.
      • Sanitization: No specific sanitization or filtering of external data before optimization reflection.
Recommendations
  • Contains 1 malicious URL(s) - DO NOT USE
Audit Metadata
Risk Level: CRITICAL
Analyzed: Feb 17, 2026, 06:27 PM