Skills
skills/jeremylongshore/claude-code-plugins-plus-skills/tuning-hyperparameters/Gen Agent Trust Hub

tuning-hyperparameters

Warn

Audited by Gen Agent Trust Hub on Mar 19, 2026

Risk Level: MEDIUMCOMMAND_EXECUTIONREMOTE_CODE_EXECUTIONPROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill requests allowed-tools: Bash(cmd:*) in SKILL.md, granting the agent full shell access. This allows for unrestricted command execution on the host system, which is a significant capability that should be monitored for misuse.\n- [REMOTE_CODE_EXECUTION]: The skill's core workflow involves generating Python code using libraries like scikit-learn or Optuna and then executing it via the Bash tool. This dynamic code generation and execution process is functionally equivalent to executing arbitrary code at runtime.\n- [PROMPT_INJECTION]: The skill is vulnerable to indirect prompt injection due to its core logic of converting user-supplied requirements into executable code.\n
  • Ingestion points: User requests for specific models, datasets, and hyperparameter ranges as described in SKILL.md.\n
  • Boundary markers: No explicit markers or instructions are provided to the agent to distinguish between legitimate parameters and embedded malicious instructions.\n
  • Capability inventory: The skill has broad tool access including Bash(cmd:*) and the ability to write and run scripts across all provided scripts.\n
  • Sanitization: There are no documented steps or automated checks within the skill to validate or sanitize the input context before it is used to generate the Python code.
Audit Metadata
Risk Level
MEDIUM
Analyzed
Mar 19, 2026, 05:12 PM