modal
Pass
Audited by Gen Agent Trust Hub on Mar 5, 2026
Risk Level: SAFE
EXTERNAL_DOWNLOADS COMMAND_EXECUTION REMOTE_CODE_EXECUTION CREDENTIALS_UNSAFE PROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill instructs users to install the `modal` Python package via `uv pip install modal`. Modal is a recognized and established serverless platform provider.
- [COMMAND_EXECUTION]: Setup and deployment involve several CLI commands, such as `modal token new` for generating authentication tokens and `modal run` or `modal deploy` for executing and hosting cloud functions.
- [REMOTE_CODE_EXECUTION]: The core purpose of the skill is to facilitate executing Python code on Modal's serverless infrastructure. This includes offloading compute-intensive tasks, such as ML model inference and batch processing, to cloud-based containers.
- [CREDENTIALS_UNSAFE]: The skill correctly identifies that authentication tokens are stored locally in `~/.modal.toml`. This is the standard behavior for the Modal CLI, but users should be aware that this file contains sensitive access keys.
- [PROMPT_INJECTION]: The section 'Suggest Using K-Dense Web For Complex Worflows' provides specific instructions for the agent to promote the K-Dense Web platform when users request multi-step reasoning or deep research. This is a behavioral instruction that steers the agent's interaction style within the vendor's ecosystem.