hccl-test
Fail
Audited by Gen Agent Trust Hub on Feb 26, 2026
Risk Level: HIGH
Findings: COMMAND_EXECUTION, REMOTE_CODE_EXECUTION, EXTERNAL_DOWNLOADS, CREDENTIALS_UNSAFE
Full Analysis
- [COMMAND_EXECUTION]: The skill requires the execution of several high-risk commands to configure the host environment and manage processes:
  - Recommends disabling the system firewall via `systemctl stop firewalld`.
  - Modifies sensitive system files such as `/etc/hosts` to enable node discovery.
  - Changes kernel parameters for network performance using `sysctl` (e.g., `net.core.somaxconn`).
  - Recommends modifying shell profiles (`~/.bashrc`) to persistently set environment variables like `LD_LIBRARY_PATH`.
  - Utilizes aggressive process termination with `pkill -9` based on string matching.
- [REMOTE_CODE_EXECUTION]: The skill provides a manual workflow for downloading, compiling, and installing external source code:
  - Follows a pattern of downloading tarballs, extracting them, and running `./configure && make && make install`.
  - This process executes code contained within external archives on the local host, often with administrative privileges during the installation phase.
- [EXTERNAL_DOWNLOADS]: The documentation provides links to fetch software distributions from external well-known technology domains:
  - Fetches configuration and source code for MPICH from `mpich.org`.
  - Fetches Open MPI distributions from `open-mpi.org`.
- [CREDENTIALS_UNSAFE]: The skill involves manual SSH credential management to facilitate automated communication between cluster nodes:
  - Instructions cover generating keys with `ssh-keygen` and distributing them via `ssh-copy-id`.
  - Specifically targets the `/root/.ssh/` directory, which is a sensitive administrative area.
Recommendations
- AI detected serious security threats