modal
Fail
Audited by Gen Agent Trust Hub on Feb 15, 2026
Risk Level: HIGH
Findings: CREDENTIALS_UNSAFE, REMOTE_CODE_EXECUTION, EXTERNAL_DOWNLOADS, COMMAND_EXECUTION
Full Analysis
- [CREDENTIALS_UNSAFE] (HIGH): The file 'references/images.md' explicitly demonstrates how to mount highly sensitive local credential directories into remote containers. Evidence: 'modal.Image.debian_slim().add_local_dir("/user/erikbern/.aws", remote_path="/root/.aws")'.
- [REMOTE_CODE_EXECUTION] (MEDIUM): The documentation extensively details how to execute Python code remotely on the Modal cloud platform, which constitutes a significant attack surface if used with untrusted inputs. Evidence: Examples of '.remote()', '.spawn()', and 'modal.App' throughout 'references/functions.md' and 'references/examples.md'.
- [EXTERNAL_DOWNLOADS] (MEDIUM): Examples show the installation of various Python packages and cloning of GitHub repositories that are not within the defined trust scope. Evidence: 'run_commands("git clone https://github.com/modal-labs/agi")' in 'references/images.md'.
- [COMMAND_EXECUTION] (MEDIUM): The documentation provides examples of using 'subprocess.run' to execute arbitrary commands. Evidence: 'subprocess.run(["python", "train.py"])' in 'references/gpu.md'.
Recommendations
- AI detected serious security threats
Audit Metadata