senior-computer-vision

Pass

Audited by Gen Agent Trust Hub on Feb 23, 2026

Risk Level: SAFE
Findings: REMOTE_CODE_EXECUTION, COMMAND_EXECUTION, EXTERNAL_DOWNLOADS
Full Analysis
  • [REMOTE_CODE_EXECUTION]: The script scripts/inference_optimizer.py uses the torch.load() function to load model checkpoints. This function is fundamentally insecure as it relies on the pickle module, which can be exploited to execute arbitrary code during deserialization if the input file is malicious. Users are advised to only load models from trusted sources.
  • [COMMAND_EXECUTION]: The skill instructs the agent to execute several local Python scripts and CLI tools for training and benchmarking. Specifically, SKILL.md and scripts/vision_model_trainer.py involve the use of subprocesses to run commands like yolo, trtexec, and python train_net.py. These scripts have extensive access to the local filesystem, including file deletion (shutil.rmtree) and symlink creation, which could be misused if provided with malicious paths.
  • [EXTERNAL_DOWNLOADS]: The skill documentation and scripts facilitate the download of pretrained weights and configuration files from well-known and trusted technology providers, including the Ultralytics and Facebook Research (Detectron2) ecosystems. These downloads are documented neutrally as they target official and established repositories.
Audit Metadata
Risk Level
SAFE
Analyzed
Feb 23, 2026, 03:47 PM