Vram-GPU-OOM

Fail

Audited by Gen Agent Trust Hub on Feb 16, 2026

Risk Level: HIGH
EXTERNAL_DOWNLOADS, DATA_EXFILTRATION
Full Analysis
  • [EXTERNAL_DOWNLOADS] (MEDIUM): Reference to an external helper script from an untrusted source. The skill documentation points to request_gpu_unload.py in the OneCuriousRabbit repository, which is not a verified or trusted source.
  • [DATA_EXFILTRATION] (LOW): Hardcoded internal network targets and SSRF risk. The signaling protocol example includes a hardcoded private IP address (10.99.0.3). While intended for local coordination, this pattern presents a Server-Side Request Forgery (SSRF) surface if an agent or user dynamically populates the service list with untrusted URLs.
  • [INDIRECT_PROMPT_INJECTION] (LOW): Vulnerability surface through untrusted service responses. The signaling protocol ingests external data that influences agent/system logic.
    • Ingestion points: Ingests JSON data from remote services via resp.json() in the SERVICES loop.
    • Boundary markers: Absent; the code trusts the response structure from the remote endpoint.
    • Capability inventory: Includes the ability to perform network POST requests and trigger model unloads (state changes).
    • Sanitization: Absent; the logic directly processes keys like unloaded and status from external JSON responses.
  • [FALSE POSITIVE]: The automated scan alert regarding logger.info is a false positive. The string is part of standard Python logging: logger.info(f"Auto-unloading model after {idle/60:.1f} minutes") and does not represent a malicious URL.
Recommendations
  • Contains 1 malicious URL(s) - DO NOT USE
Audit Metadata
Risk Level
HIGH
Analyzed
Feb 16, 2026, 01:14 PM