mixed-precision-trainer
Pass
Audited by Gen Agent Trust Hub on Feb 18, 2026
Risk Level: SAFENO_CODE
Full Analysis
- [Indirect Prompt Injection] (LOW): The skill is designed to process and validate machine learning training patterns and code. It lacks explicit boundary markers or instructions to ignore embedded commands in processed data. Given its high-privilege tool access (Bash, Write), it presents a surface for indirect injection if an attacker provides malicious ML configurations or scripts for analysis.
- Ingestion points: User-provided ML training requests and code snippets.
- Boundary markers: Absent.
- Capability inventory: Read, Write, Edit, Bash(python:), Bash(pip:).
- Sanitization: None specified in the skill definition.
- [Unverifiable Dependencies] (SAFE): Although the skill allows the use of
pipthrough its tool configuration, it does not specify any external packages or remote scripts to be downloaded or executed. - [Prompt Injection] (SAFE): No patterns of instruction override, role-play jailbreaks, or system prompt extraction were detected in the skill text.
Audit Metadata