miles-rl-training

Pass

Audited by Gen Agent Trust Hub on Feb 17, 2026

Risk Level: SAFE
Findings: EXTERNAL_DOWNLOADS, PROMPT_INJECTION
Full Analysis
  • EXTERNAL_DOWNLOADS (LOW): The skill instructs the user to docker pull radixark/miles:latest and git clone https://github.com/radixark/miles.git. While these are standard installation procedures, the author/repository (radixark) is not on the trusted sources list.
  • PROMPT_INJECTION (LOW): Category 8 (Indirect Prompt Injection) vulnerability detected. The skill is designed to process external training data via the --prompt-data flag.
  • Ingestion points: SKILL.md (Workflows 1 and 2) identifies /path/to/data.jsonl as an input for prompts.
  • Boundary markers: No explicit boundary markers or 'ignore embedded instructions' warnings are documented in the skill instructions or Sample dataclass.
  • Capability inventory: The framework executes complex training logic involving subprocesses (train.py) and allows custom scripts via --custom-generate-function-path and --custom-rm-path (identified in api-reference.md).
  • Sanitization: No evidence of input sanitization or validation for the training prompts is provided in the documentation.
Audit Metadata
Risk Level
SAFE
Analyzed
Feb 17, 2026, 06:01 PM