modal
Pass
Audited by Gen Agent Trust Hub on Apr 30, 2026
Risk Level: SAFE, EXTERNAL_DOWNLOADS, COMMAND_EXECUTION
Full Analysis
- [SAFE]: The skill provides comprehensive documentation and code snippets for using the Modal serverless compute platform. All described behaviors are consistent with the platform's legitimate use cases for serverless compute and AI infrastructure.
- [EXTERNAL_DOWNLOADS]: Instructions include installing the `modal` library via `pip` and defining container images that fetch packages from standard registries (PyPI, Ubuntu/Debian mirrors). It also describes downloading model weights from Hugging Face, which is a well-known and expected service for AI development.
- [COMMAND_EXECUTION]: The skill details various CLI commands (`modal setup`, `modal run`, `modal deploy`) required to authenticate with and operate the Modal platform. These are standard operations for the service and do not represent malicious intent.
- [CREDENTIALS_UNSAFE]: While the skill discusses secret management, it promotes best practices such as using the platform's native `modal.Secret` abstraction and loading configurations from `.env` files, which are considered safe methods for handling sensitive information.
Audit Metadata