torchvision
Pass
Audited by Gen Agent Trust Hub on Feb 16, 2026
Risk Level: LOWPROMPT_INJECTIONCOMMAND_EXECUTIONEXTERNAL_DOWNLOADS
Full Analysis
- [INDIRECT_PROMPT_INJECTION] (LOW): The skill is designed to process untrusted image data via an input path. Ingestion points: inputPath parameter in scripts/torchvision_tool.js. Boundary markers: None present. Capability inventory: Local script execution and tensor operations; no network or file-write capabilities. Sanitization: None present, though the current implementation does not interpolate the input into the shell command.
- [COMMAND_EXECUTION] (LOW): scripts/torchvision_tool.js uses execSync to invoke the Python processing script. The command is currently hardcoded and safe, but the pattern of shell execution is noted as a potential surface.
- [EXTERNAL_DOWNLOADS] (INFO): Depends on torchvision, torch, and pillow. These are trusted packages from the PyTorch (Meta) and Python communities.
Audit Metadata