NYC

runtime-skills

Fail

Audited by Gen Agent Trust Hub on Feb 17, 2026

Risk Level: HIGH
Findings: REMOTE_CODE_EXECUTION, EXTERNAL_DOWNLOADS, PROMPT_INJECTION
Full Analysis
  • REMOTE_CODE_EXECUTION (HIGH): The pytorch.md checklist recommends passing trust_remote_code=True during model initialization with AutoModelForCausalLM.from_pretrained and AutoModel.from_pretrained. This flag lets the Hugging Face Transformers library download and execute custom Python code supplied by the model author, which is a severe RCE risk if the model repository is malicious or compromised.
  • EXTERNAL_DOWNLOADS (MEDIUM): The skill is designed to pull large volumes of binary data, and potentially scripts, from external model hubs (Hugging Face). Without explicit integrity verification or pinning to specific commits, this behavior exposes the runtime environment to supply chain attacks.
  • PROMPT_INJECTION (LOW): The skill's architecture processes untrusted user prompts for inference. Although the documentation correctly marks sanitization as a 'Critical' priority, the code patterns contain no concrete sanitization implementation, leaving the system exposed to indirect prompt injection and model manipulation.
Recommendations
  • AI detected serious security threats
Audit Metadata
Risk Level
HIGH
Analyzed
Feb 17, 2026, 06:06 PM