local-llm-fine-tuning
Pass
Audited by Gen Agent Trust Hub on Mar 9, 2026
Risk Level: SAFE
Finding tags: PROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill includes Python scripts in 'references/dataset-formats.md' that process external data files (CSV, JSONL, TXT). This creates a surface for indirect prompt injection if the agent is tasked with processing untrusted datasets whose content is not sanitized. Ingestion points: 'validate_jsonl', 'csv_to_alpaca', 'alpaca_to_sharegpt' in 'references/dataset-formats.md'. Boundary markers: absent. Capability inventory: file read and write operations in 'references/dataset-formats.md'. Sanitization: absent.
- [SAFE]: Utility scripts use standard libraries and do not perform network operations or access sensitive system paths.
- [SAFE]: References to AI libraries and models (Hugging Face, Unsloth, Axolotl) are standard for the domain and represent legitimate resource usage.
Audit Metadata