NYC

pytorch-model-cli

Warn

Audited by Gen Agent Trust Hub on Feb 16, 2026

Risk Level: MEDIUM
Tags: REMOTE_CODE_EXECUTION, COMMAND_EXECUTION, PROMPT_INJECTION

Full Analysis
  • [Dynamic Execution] (MEDIUM): The skill utilizes torch.load(), which performs deserialization via the pickle module. Loading untrusted .pth files is a known vector for arbitrary code execution.
  • [Indirect Prompt Injection] (LOW): The skill establishes a surface for processing untrusted external inputs.
    1. Ingestion points: PyTorch checkpoints (model.pth), image files (via lodepng), and weight files (via cJSON).
    2. Boundary markers: Absent; the workflow relies on manual documentation and verification.
    3. Capability inventory: Uses g++ for compilation and subsequent execution of the resulting binary.
    4. Sanitization: Recommends verifying layer dimensions and handling missing files, though implementation safety is left to the agent.
  • [Dynamic Execution] (LOW): The skill provides a template for generating and compiling C++ code. While inherent to the task, this capability could be exploited if the agent is influenced by malicious instructions embedded in the model architecture or weights.
Audit Metadata
  • Risk Level: MEDIUM
  • Analyzed: Feb 16, 2026, 12:01 AM