ml-engineer

Warn

Audited by Gen Agent Trust Hub on Feb 17, 2026

Risk Level: MEDIUM (REMOTE_CODE_EXECUTION)
Full Analysis
  • Dynamic Execution / Unsafe Deserialization (MEDIUM): The skill uses 'joblib' for model and study persistence, a format whose loading path allows arbitrary code execution.
    • Evidence: Found in scripts/train_sklearn.py (line 214) and scripts/tune_hyperparameters.py (line 192); also documented in references/scikit_guide.md.
    • Risk: 'joblib.load' internally uses the 'pickle' module. Loading a maliciously crafted pickle file allows an attacker to execute arbitrary Python code in the context of the agent process.
  • Indirect Prompt Injection (LOW): The skill processes external data files that could contain malicious instructions.
    • Ingestion points: MLModelTrainer.load_data in scripts/train_sklearn.py reads CSV and Excel files.
    • Boundary markers: Absent; data is loaded directly into DataFrames without delimiters that mark it as data rather than instructions.
    • Capability inventory: The script can execute code via joblib.load and write files to the system.
    • Sanitization: None; the script assumes data files are well-formatted and safe.
Audit Metadata
Risk Level: MEDIUM
Analyzed: Feb 17, 2026, 05:10 PM