amd-kernel-optimization
Fail
Audited by Gen Agent Trust Hub on Mar 9, 2026
Risk Level: HIGH (COMMAND_EXECUTION, REMOTE_CODE_EXECUTION, PROMPT_INJECTION)
Full Analysis
- [COMMAND_EXECUTION]: The skill instructs the user to execute a command with sudo privileges to change system-wide kernel parameters, which can affect overall system security.
  - Evidence: 'sudo sh -c "echo 0 > /proc/sys/kernel/numa_balancing"' in SKILL.md.
- [COMMAND_EXECUTION]: Employs dynamic monkey-patching of the PyTorch framework to intercept and modify linear layer execution and the Dynamo compilation engine.
  - Evidence: Monkey-patching of nn.Linear.forward in 'references/gemm-and-linear.md' and torch._dynamo.convert_frame in 'references/torch-compile-and-graphs.md'.
- [REMOTE_CODE_EXECUTION]: Locates and executes external scripts (gemm_tuner.py) from the aiter package dynamically at runtime.
  - Evidence: Logic in 'references/gemm-and-linear.md' that finds and runs the tuner script via subprocess.
- [PROMPT_INJECTION]: Contains an indirect prompt injection surface as it is designed to ingest and modify external model source code and environment variables.
  - Ingestion points: Third-party model modeling files (transformers) and environment configuration.
  - Boundary markers: Absent.
  - Capability inventory: Administrative command execution (sudo), dynamic monkey-patching, and runtime code compilation (torch.compile/Triton).
  - Sanitization: Absent.
Recommendations
- AI detected serious security threats