dspy-miprov2-optimizer
Fail
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: CRITICAL
Full Analysis
- [PROMPT_INJECTION] (SAFE): No instructions designed to override agent behavior or bypass safety guardrails were found. The skill contains standard technical documentation and Python code snippets.
- [DATA_EXFILTRATION] (SAFE): The skill interacts with standard LLM endpoints and a specific public research index (ColBERTv2) at 20.102.90.50, which is standard for the DSPy ecosystem. No access to sensitive user files or credentials was observed.
- [EXTERNAL_DOWNLOADS] (SAFE): The skill does not download external scripts or execute remote code at runtime. It relies on the 'dspy' package, which is a legitimate library for AI program optimization.
- [COMMAND_EXECUTION] (SAFE): No shell commands, subprocess spawning, or arbitrary code execution patterns are present. The skill strictly uses Python APIs for its intended purpose.
- [INDIRECT_PROMPT_INJECTION] (LOW):
  - Ingestion points: The skill processes training datasets (trainset) and external search results from a ColBERTv2 server.
  - Boundary markers: Delimiters are not explicitly defined in the example prompt templates.
  - Capability inventory: The skill is granted 'Read' and 'Write' tools in its configuration, and the code performs network retrieval and local file writing for model weights and metadata.
  - Sanitization: No specific sanitization of the training data or search results is demonstrated in the examples.
- [FALSE_POSITIVE_ANALYSIS] (SAFE): The 'Malicious URL' alert for 'logger.info' is a false positive generated by the scanner's failure to distinguish between a Python method call and a URL structure. 'logger.info' is a standard logging command and poses no security risk.
Recommendations
- Contains 1 malicious URL(s) - DO NOT USE
Audit Metadata