litellm
Pass
Audited by Gen Agent Trust Hub on Mar 13, 2026
Risk Level: SAFE EXTERNAL_DOWNLOADS PROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill requires the installation of the 'litellm' library from PyPI. This is a well-known industry-standard package used for the specified purpose of LLM orchestration.
- [PROMPT_INJECTION]: The skill facilitates the processing of untrusted user data by forwarding it to external LLM providers, which represents a surface for indirect prompt injection.
  - Ingestion points: User-provided message content passed to the completion function or the LiteLLM proxy server as described in SKILL.md.
  - Boundary markers: The skill utilizes the standard OpenAI message format (role and content fields) to delineate user-supplied text from system instructions.
  - Capability inventory: The skill enables network operations for communicating with external AI model endpoints.
  - Sanitization: No explicit prompt sanitization or filtering is implemented within the skill snippets, relying instead on downstream provider safety mechanisms.
Audit Metadata