autoresearch
Pass
Audited by Gen Agent Trust Hub on Mar 11, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONREMOTE_CODE_EXECUTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill downloads the 'uv' package manager from 'astral.sh' and clones the 'autoresearch' repository from GitHub. Both are well-known or trusted sources for machine learning development tools.
- [REMOTE_CODE_EXECUTION]: Automated scripts execute downloaded code from 'astral.sh' (the uv installer) and run local Python scripts ('train.py', 'prepare.py') using the 'uv' runner. These operations are standard for the skill's primary purpose of ML experimentation.
- [COMMAND_EXECUTION]: The skill uses various bash scripts to automate the experiment lifecycle, including hardware verification ('nvidia-smi'), file manipulation ('sed', 'awk'), and git operations ('git commit', 'git reset') to manage model improvements.
Audit Metadata