promptfoo-config

Warn

Audited by Gen Agent Trust Hub on Feb 16, 2026

Risk Level: MEDIUM | EXTERNAL_DOWNLOADS | COMMAND_EXECUTION
Full Analysis
  • EXTERNAL_DOWNLOADS (MEDIUM): The script 'scripts/init-promptfoo.sh' executes 'npm install -g promptfoo'. Global package installations are a security concern as they affect the entire system and often require root/administrator privileges. The documentation also encourages the use of 'npx promptfoo', which downloads and executes code at runtime.
  • COMMAND_EXECUTION (LOW): The skill utilizes Bash scripts for environment initialization and directory creation.
  • INDIRECT_PROMPT_INJECTION (MEDIUM): The 'templates/promptfooconfig.yaml' file sets up an evaluation pipeline that processes external data.
      • Ingestion points: Data enters the system via the 'vars' mapping in the configuration template.
      • Boundary markers: No delimiters or safety instructions are present in the provided templates to prevent embedded instructions in variables from being obeyed.
      • Capability inventory: The resulting process utilizes network access to send data to OpenAI and Anthropic APIs.
      • Sanitization: No sanitization or validation logic is included for the interpolated variables.
Audit Metadata
  • Risk Level: MEDIUM
  • Analyzed: Feb 16, 2026, 12:50 PM