llama-cpp

Warn

Audited by Gen Agent Trust Hub on Feb 16, 2026

Risk Level: MEDIUM
Findings: EXTERNAL_DOWNLOADS, COMMAND_EXECUTION
Full Analysis
  • EXTERNAL_DOWNLOADS (MEDIUM): The skill instructs the agent to clone the https://github.com/ggerganov/llama.cpp repository and to download model files via huggingface-cli. Neither source is on the pre-approved trusted whitelist, so the agent runs whatever those sources serve at download time. Before accepting the skill, pin the clone to a reviewed tag or commit and verify each model file's SHA-256 against the value recorded from the model card or Git LFS pointer before it is loaded.
  • COMMAND_EXECUTION (MEDIUM): The build process runs make and then executes the resulting local binaries (./llama-cli, ./llama-server). This means running code compiled from an external, unverified source on the agent's host. If llama-server is started it also opens a network listener, so it should be bound to loopback and run under a least-privilege account rather than the agent's own.
  • INDIRECT_PROMPT_INJECTION (MEDIUM): The skill acts as an inference engine. Untrusted data processed through it (documents, web pages, tool output) can carry instructions that the model reproduces or acts on, and the agent may then treat the model's output as trusted instructions. Model output must be handled with the same trust level as the input that produced it: as data, never as commands.
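The procedure behind the first two findings, hardened, as an added example (this is not the Trust Hub's or the llama.cpp project's own script): the clone is pinned to a reviewed ref, the model file is checked for the GGUF magic and a recorded SHA-256 before it is loaded, and llama-server is bound to loopback. LLAMA_CPP_REF, MODEL_REPO, MODEL_FILE, MODEL_SHA256 and WORKDIR are assumed operator-supplied placeholders; the build still uses make as the skill does. The network steps run only when LLAMA_SETUP_RUN=1, so the verification functions can be exercised offline on any file.

```shell
#!/bin/sh
# Added example, not part of the audit or of llama.cpp. Placeholders the
# operator must set (assumptions, not values taken from the skill):
#   LLAMA_CPP_REF  git tag or commit of llama.cpp that you have reviewed
#   MODEL_REPO     Hugging Face repo id of the model
#   MODEL_FILE     GGUF file name inside that repo
#   MODEL_SHA256   digest recorded from the model card / LFS pointer
set -eu

LLAMA_CPP_REF="${LLAMA_CPP_REF:-}"
MODEL_REPO="${MODEL_REPO:-}"
MODEL_FILE="${MODEL_FILE:-}"
MODEL_SHA256="${MODEL_SHA256:-}"
WORKDIR="${WORKDIR:-$HOME/llama-build}"

# SHA-256 of a file with whichever tool the host provides.
sha256_of() {
    if command -v sha256sum >/dev/null 2>&1; then
        sha256sum "$1" | awk '{print $1}'
    else
        shasum -a 256 "$1" | awk '{print $1}'
    fi
}

# Return 0 only when the file exists and its digest equals the expected one.
# An empty expected hash is rejected so a forgotten MODEL_SHA256 cannot pass.
verify_sha256() {
    file="$1"; expected="$2"
    [ -n "$expected" ] || return 1
    [ -f "$file" ] || return 1
    actual="$(sha256_of "$file" | tr 'A-F' 'a-f')"
    expected="$(printf '%s' "$expected" | tr 'A-F' 'a-f')"
    [ "$actual" = "$expected" ]
}

# GGUF files begin with the ASCII magic "GGUF"; refuse anything else before
# the inference binary ever parses it.
is_gguf() {
    [ -f "$1" ] || return 1
    [ "$(head -c 4 "$1")" = "GGUF" ]
}

# Clone at a pinned ref instead of whatever HEAD is today, and print the
# resolved commit so it can be recorded with the deployment.
pin_clone() {
    [ -n "$LLAMA_CPP_REF" ] || { echo "set LLAMA_CPP_REF" >&2; return 1; }
    git clone --no-checkout https://github.com/ggerganov/llama.cpp "$WORKDIR/llama.cpp"
    git -C "$WORKDIR/llama.cpp" checkout --detach "$LLAMA_CPP_REF"
    git -C "$WORKDIR/llama.cpp" rev-parse HEAD
}

# Full flow: pinned clone, build, download, verify, then serve on loopback only.
setup_and_serve() {
    pin_clone
    make -C "$WORKDIR/llama.cpp"
    huggingface-cli download "$MODEL_REPO" "$MODEL_FILE" --local-dir "$WORKDIR/models"
    model="$WORKDIR/models/$MODEL_FILE"
    is_gguf "$model" || { echo "not a GGUF file: $model" >&2; exit 1; }
    verify_sha256 "$model" "$MODEL_SHA256" || { echo "checksum mismatch: $model" >&2; exit 1; }
    # Reachable by the agent on this host only, not by the rest of the network.
    exec "$WORKDIR/llama.cpp/llama-server" -m "$model" --host 127.0.0.1 --port 8080
}

# Network and build steps run only on explicit request.
if [ "${LLAMA_SETUP_RUN:-0}" = "1" ]; then
    setup_and_serve
fi
```

Run it as `LLAMA_SETUP_RUN=1 LLAMA_CPP_REF=... MODEL_REPO=... MODEL_FILE=... MODEL_SHA256=... sh hardened-llama.sh`; the expected digest must come from a source you trust independently of the download (the model card, the LFS pointer in the repo, or your own prior verification), otherwise the check only proves the file arrived intact.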
Audit Metadata
Risk Level: MEDIUM
Analyzed: Feb 16, 2026, 02:15 AM