byted-ark-trainer

Pass

Audited by Gen Agent Trust Hub on May 7, 2026

Risk Level: SAFE
COMMAND_EXECUTION, EXTERNAL_DOWNLOADS
Full Analysis
  • [COMMAND_EXECUTION]: The skill uses the ark CLI and standard Unix commands (e.g., ark init, find, chmod) to manage the local development environment, project initialization, and file permissions. These operations are strictly related to the documented workflow of setting up a training workspace.
  • [EXTERNAL_DOWNLOADS]: The skill instructs the agent to download and install the ark-sdk package and model configuration data from official ByteDance/Volcengine domains (e.g., tos-cn-beijing.volces.com, ark.cn-beijing.volces.com). These are trusted vendor sources required for the skill's functionality.
  • [REMOTE_CODE_EXECUTION]: The training script scripts/modules/train.py uses dynamic module loading (__import__ and importlib.util) to execute user-defined training logic (rollout and grader functions). While dynamic execution is typically high-risk, in this context it is the primary purpose of the skill: allowing the developer to run their custom training code locally before submitting it to the cloud platform.
Audit Metadata
Risk Level: SAFE
Analyzed: May 7, 2026, 10:50 AM