sglang-sota-performance
Pass
Audited by Gen Agent Trust Hub on May 3, 2026
Risk Level: SAFE
Findings: PROMPT_INJECTION, COMMAND_EXECUTION
Full Analysis
- [PROMPT_INJECTION]: The skill presents an indirect prompt injection attack surface because it processes untrusted, user-provided models and datasets.
- Ingestion points: User-supplied model_id, local checkpoint paths, and workload datasets used for benchmarking and profiling.
- Boundary markers: Absent; the skill gives no instructions to delimit ingested data or to ignore instructions embedded within it.
- Capability inventory: The skill can execute various benchmarking and profiling shell commands and perform file-write operations to patch local source code.
- Sanitization: Absent; no input validation or escaping mechanisms are described before data is used in commands or logic.
- [COMMAND_EXECUTION]: The skill requires the agent to execute shell-based tools for benchmarking, serving (e.g., trtllm-serve) and profiling. It also dynamically generates and applies source code patches to the SGLang framework based on performance analysis.