torchforge-rl-training
Warn
Audited by Gen Agent Trust Hub on Mar 28, 2026
Risk Level: MEDIUM
Findings: EXTERNAL_DOWNLOADS, COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill instructions direct users to run a local installation script (./scripts/install.sh) and download software from a domain (meta-pytorch.org) and GitHub repository (github.com/meta-pytorch/monarch) that are not recognized as part of the official PyTorch or Meta organizations.
- [COMMAND_EXECUTION]: The workflow involves several shell commands for environment management with conda and launching training tasks through Python modules and SLURM scripts.
- [PROMPT_INJECTION]: A surface for indirect prompt injection exists due to data processing.
  - Ingestion points: The skill ingests untrusted data from training datasets (e.g., HuggingFace datasets) and user-defined YAML configuration files.
  - Boundary markers: No delimiters or instructions to ignore instructions within data are provided in the workflow templates.
  - Capability inventory: The skill is capable of executing shell commands as subprocesses, writing checkpoints to the filesystem, and accessing the network for model/dataset downloads.
  - Sanitization: There is no evidence of sanitization or validation of external input content within the skill instructions.
Audit Metadata