model-pruning

Fail

Audited by Gen Agent Trust Hub on Feb 17, 2026

Risk Level: HIGH
Findings: EXTERNAL_DOWNLOADS, REMOTE_CODE_EXECUTION
Full Analysis
  • EXTERNAL_DOWNLOADS (HIGH): The documentation instructs the agent to clone the repository https://github.com/locuslab/wanda. Since the organization locuslab is not included in the Trusted External Sources list, the integrity and safety of this source cannot be verified.
  • REMOTE_CODE_EXECUTION (HIGH): Following the repository clone, the skill directs the agent to run python main.py using the downloaded content. This constitutes a classic download-then-execute attack vector where arbitrary code from an untrusted external repository is executed in the local environment.
  • DATA_EXFILTRATION (SAFE): While the skill accesses calibration data (C4 dataset) and model weights (LLaMA-2), these are standard operations for the described ML task, and no patterns of sensitive data exfiltration or hardcoded credentials were detected.
Recommendations
  • AI detected serious security threats
Audit Metadata
Risk Level: HIGH
Analyzed: Feb 17, 2026, 04:54 PM