diffusers-ascend-weight-prep

Warn

Audited by Snyk on Mar 8, 2026

Risk Level: MEDIUM

Full Analysis

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

  • Third-party content exposure detected (high risk: 1.00). This skill explicitly downloads metadata from public third-party repos (HuggingFace via scripts/generate_fake_weights.py using huggingface_hub.snapshot_download and download_weights.py invoking the hf/modelscope clients) and then parses and instantiates models (including AutoConfig.from_pretrained(..., trust_remote_code=True)), so untrusted, user-provided content can be read and materially influence runtime behavior.

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

  • Potentially malicious external URL detected (high risk: 0.90). The skill's from-hub flow downloads metadata at runtime from the HuggingFace Hub (e.g., via the HF endpoint/proxy URL https://hf-mirror.com or huggingface.co) using snapshot_download and then calls transformers.AutoConfig.from_pretrained(..., trust_remote_code=True), which can load and execute remote repository code, so the fetched content can execute code and is required for the from-hub path.

Audit Metadata

Risk Level: MEDIUM
Analyzed: Mar 8, 2026, 10:12 AM