dspy-signature-designer
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFE
Full Analysis
- PROMPT_INJECTION (SAFE): No instructions found that attempt to override system prompts or bypass safety filters. All instructions are technical and focused on DSPy signature design.
- DATA_EXFILTRATION (SAFE): No sensitive file paths (e.g., .ssh, .aws) or hardcoded credentials detected. No network calls to external or non-whitelisted domains are present.
- REMOTE_CODE_EXECUTION (SAFE): No remote script downloads (curl/wget | bash) or dynamic code execution (eval/exec) patterns found. The skill contains only static Python code examples for educational purposes.
- INDIRECT_PROMPT_INJECTION (SAFE): While the skill defines inputs like 'task_description' that will contain user data, it functions as a documentation guide and does not automate the execution of untrusted data through dangerous tools.
- PRIVILEGE_ESCALATION (SAFE): No commands involving sudo, chmod, or system configuration modifications were identified.
Audit Metadata