NYC

python-skills

Fail

Audited by Gen Agent Trust Hub on Feb 17, 2026

Risk Level: CRITICAL (REMOTE_CODE_EXECUTION)
Full Analysis
  • [REMOTE_CODE_EXECUTION] (LOW): In async.md, a code example for loading models includes trust_remote_code=True. This parameter allows the execution of arbitrary code from the model's source repository, which is a significant risk if the repository is not strictly verified.
  • [REMOTE_CODE_EXECUTION] (LOW): In patterns.md, a code example demonstrates loading YAML configuration using yaml_instance.load(f). Recommending the load() method instead of safe_load() or a restricted loader is a known security anti-pattern that can enable arbitrary code execution through malicious YAML payloads.
  • [SAFE] (SAFE): The automated scanner alert regarding logger.info is a false positive; the scanner appears to have incorrectly identified a standard Python logging method call as a malicious URL.
Recommendations
  • Contains 1 malicious URL(s) - DO NOT USE
Audit Metadata
Risk Level: CRITICAL
Analyzed: Feb 17, 2026, 05:03 PM