hypogenic
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFE
PROMPT_INJECTION
Full Analysis
- [Indirect Prompt Injection] (LOW): The prompt templates (e.g., `observations`, `inference`) interpolate raw data samples and text from external files directly into instructions using placeholders like `{data_samples}`. This creates a surface for indirect prompt injection where adversarial content in the input datasets could attempt to override the model's instructions.
  - Ingestion points: `data/train.json`, `data/val.json`, `data/test.json`, and PDF files in the `papers/` directory.
  - Boundary markers: Absent; the template uses raw string interpolation without delimiters or instructions to ignore embedded commands.
  - Capability inventory: Hypothesis generation, empirical testing (inference), and refinement via external LLM APIs (GPT-4, Claude-3).
  - Sanitization: Absent; no escaping or validation of interpolated content is defined in the template.
- [Data Exposure] (SAFE): The configuration correctly uses `api_key_env` to reference environment variables for API keys rather than hardcoding sensitive credentials in the file.
Audit Metadata