skills/jeremylongshore/claude-code-plugins-plus-skills/distributed-training-setup/Gen Agent Trust Hub
distributed-training-setup
Pass
Audited by Gen Agent Trust Hub on Feb 18, 2026
Risk Level: SAFENO_CODE
Full Analysis
- [NO_CODE] (SAFE): No scripts, executables, or code blocks were found in the skill definition.
- [COMMAND_EXECUTION] (SAFE): The skill metadata requests permissions for Bash (Python and Pip), but the skill does not actually implement any commands or logic to use these tools.
- [INDIRECT_PROMPT_INJECTION] (LOW): The skill is designed to process user-provided requests for machine learning setup. Because the skill definition includes permissions for powerful tools like Bash(pip:*) and Write, it defines a potential attack surface for indirect prompt injection if a user or an external data source provides malicious instructions.
- Evidence Chain (Category 8):
- Ingestion point: User requests ('Help me with...').
- Boundary markers: Absent.
- Capability inventory: Bash(python:), Bash(pip:), Write, Edit.
- Sanitization: Absent.
Audit Metadata