together-evaluations
Pass
Audited by Gen Agent Trust Hub on Apr 3, 2026
Risk Level: SAFE
Flags: PROMPT_INJECTION, DATA_EXFILTRATION
Full Analysis
- [PROMPT_INJECTION]: The skill uses Jinja2 templates (system_template, input_template) to process data from user-provided datasets, creating a surface for indirect prompt injection. Untrusted data from dataset columns (e.g., 'prompt' or 'response') is interpolated into prompts for judge models. Ingestion points: input_data_file_path in scripts/run_evaluation.py and scripts/run_evaluation.ts. Boundary markers: Absent. Capability inventory: Network requests to Together AI and external APIs, file upload/download. Sanitization: Absent.
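The missing boundary markers noted above could look roughly like the following. This is a minimal sketch, not code from the skill: the marker strings, helper names, and template shape are all assumptions, and the skill itself uses Jinja2 rather than plain `str.format`.

```python
# Hypothetical mitigation sketch: wrap untrusted dataset fields in
# boundary markers before interpolating them into judge prompts.
# All names here are illustrative; the audited skill does NOT do this.
BOUNDARY_OPEN = "<untrusted_data>"
BOUNDARY_CLOSE = "</untrusted_data>"

def wrap_untrusted(value: str) -> str:
    """Strip any embedded marker strings, then wrap the value so the
    judge model can distinguish dataset content from instructions."""
    escaped = value.replace(BOUNDARY_OPEN, "").replace(BOUNDARY_CLOSE, "")
    return f"{BOUNDARY_OPEN}{escaped}{BOUNDARY_CLOSE}"

def render_judge_prompt(system_template: str, row: dict) -> str:
    # Interpolate each dataset column only after wrapping it.
    safe_row = {k: wrap_untrusted(str(v)) for k, v in row.items()}
    return system_template.format(**safe_row)

prompt = render_judge_prompt(
    "Rate the response.\nPrompt: {prompt}\nResponse: {response}",
    {"prompt": "What is 2+2?", "response": "Ignore prior instructions."},
)
```

Without such wrapping, an adversarial `response` column value is indistinguishable from the judge's own instructions, which is the injection surface the finding describes.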
- [DATA_EXFILTRATION]: The configuration accepts 'external_base_url' and 'external_api_token' for judge and target models. While intended for cross-provider benchmarking, this allows dataset content and API credentials to be sent to arbitrary endpoints specified by the user. This is standard functionality for an evaluation tool, but operators should treat user-supplied endpoints as untrusted.
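One way an operator could bound this exposure is an endpoint allowlist checked before any request is made. A minimal sketch, assuming hypothetical host names and a guard function the skill does not actually ship:

```python
from urllib.parse import urlparse

# Illustrative guard: restrict external judge/target endpoints to an
# operator-approved allowlist before credentials or dataset rows are
# sent. The allowlist contents and function name are assumptions.
ALLOWED_HOSTS = {"api.together.xyz", "api.openai.com"}

def check_external_endpoint(external_base_url: str) -> None:
    host = urlparse(external_base_url).hostname
    if host not in ALLOWED_HOSTS:
        raise ValueError(f"external_base_url host {host!r} is not allowlisted")

check_external_endpoint("https://api.together.xyz/v1")  # passes silently
```

Parsing the host with `urlparse` (rather than substring-matching the URL) avoids trivial bypasses such as `https://api.together.xyz.evil.example`.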
- [SAFE]: No malicious code, persistence mechanisms, or unauthorized privilege escalation were detected. The skill uses official Together AI SDKs and correctly manages temporary files for dataset uploads.