nemo-evaluator-sdk
Audited by Socket on Feb 15, 2026
1 alert found:
Malware
This document is a usage/manifest for a benchmarking/orchestration skill. The capabilities requested (NGC_API_KEY, HF_TOKEN, Docker/Slurm access, and network endpoints to NVIDIA services) are consistent with the declared purpose of orchestrating large-scale LLM evaluations. There are no clear signs of malicious code or covert exfiltration in the provided text. However, the runtime footprint is high-privilege (container pulls, Slurm jobs, access to model checkpoints and environment variables) and therefore poses normal supply-chain risks if the underlying packages, containers, or harness implementations are untrusted. Operators should verify the provenance of pip packages and container images and audit individual harness implementations (e.g., 'garak') before running in sensitive environments.