openrlhf-training

Warn

Audited by Gen Agent Trust Hub on Feb 17, 2026

Risk Level: MEDIUM (COMMAND_EXECUTION, EXTERNAL_DOWNLOADS)
Full Analysis
  • [COMMAND_EXECUTION] (HIGH): The installation guide includes sudo pip uninstall, which uses root privileges to modify the system-level Python environment, potentially breaking other tools that depend on it or leaving unauthorized changes behind.
  • [PRIVILEGE_ESCALATION] (MEDIUM): The Docker configuration specifies --cap-add=SYS_ADMIN. CAP_SYS_ADMIN grants the container much of root's power (mount, namespace and device operations among others) and is widely discouraged because it enables container escape.
  • [EXTERNAL_DOWNLOADS] (MEDIUM): The skill installs the openrlhf package and downloads models from Hugging Face; in this context both are untrusted external dependencies.
  • [DATA_EXPOSURE] (LOW): The Ray head node is configured to listen on 0.0.0.0, exposing the dashboard and job submission port to the network. Ray's job submission API does not authenticate callers, so any host that can reach the port can submit jobs to the cluster.
  • [INDIRECT_PROMPT_INJECTION] (LOW): The training process ingests untrusted datasets, which could contain malicious formatting or instructions. Ingestion points: the --dataset parameter in SKILL.md. Boundary markers: absent. Capability inventory: code execution via ray job submit and deepspeed. Sanitization: absent.
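As an added example (not part of the Trust Hub audit or of the openrlhf-training skill), the scanner below runs the same five checks over a SKILL.md-style document and pairs each hit with a hardened alternative. The SKILL_MD and HARDENED_MD samples are constructed for this example: only the tokens named in the findings above (sudo pip uninstall, --cap-add=SYS_ADMIN, 0.0.0.0, ray job submit, deepspeed, --dataset) come from the audit; the surrounding lines, the IMAGE placeholder and the file paths are made up. The options used in the fixes (python3 -m venv, pip install --require-hashes, docker run --cap-drop=ALL, ray start --dashboard-host) are real options of those tools.

```python
import re
from dataclasses import dataclass
from typing import List

# Constructed sample of a risky SKILL.md. Only the audited tokens are real;
# IMAGE, train.py and $DATASET are placeholders for this example.
SKILL_MD = """\
## Install
sudo pip uninstall -y openrlhf
pip install openrlhf

## Run
docker run --runtime=nvidia --cap-add=SYS_ADMIN -it IMAGE
ray start --head --dashboard-host 0.0.0.0 --dashboard-port 8265
ray job submit --address http://127.0.0.1:8265 -- deepspeed train.py --dataset $DATASET
"""

# Constructed hardened counterpart: venv instead of sudo pip, hash-locked
# requirements, no added capabilities, Ray bound to loopback, fixed dataset path.
HARDENED_MD = """\
## Install
python3 -m venv .venv
.venv/bin/pip install --require-hashes -r requirements.txt

## Run
docker run --runtime=nvidia --cap-drop=ALL -it IMAGE
ray start --head --dashboard-host 127.0.0.1 --dashboard-port 8265
ray job submit --address http://127.0.0.1:8265 -- deepspeed train.py --dataset ./data/train.jsonl
"""


@dataclass(frozen=True)
class Rule:
    category: str
    severity: str
    pattern: str   # applied per line with re.search
    why: str
    fix: str


@dataclass(frozen=True)
class Finding:
    category: str
    severity: str
    line_no: int
    line: str
    fix: str


# One rule per audit category; severities mirror the audit above.
RULES: List[Rule] = [
    Rule("COMMAND_EXECUTION", "HIGH",
         r"\bsudo\s+pip3?\b",
         "pip run as root edits the system Python that other tools depend on",
         "drop sudo and work in a venv: python3 -m venv .venv && .venv/bin/pip ..."),
    Rule("PRIVILEGE_ESCALATION", "MEDIUM",
         r"--cap-add[= ]\s*(?:SYS_ADMIN|ALL)\b",
         "CAP_SYS_ADMIN (or ALL) gives the container most of root's power, including mount",
         "remove the flag; start from --cap-drop=ALL and add back only documented needs"),
    Rule("EXTERNAL_DOWNLOADS", "MEDIUM",
         r"\bpip3?\s+install\b(?!.*--require-hashes)",   # lookahead: no hash lock on this line
         "unpinned package pulled from an index at run time",
         "pin versions and pass --require-hashes with a hash-locked requirements file"),
    Rule("DATA_EXPOSURE", "LOW",
         r"\bray\s+start\b.*\b0\.0\.0\.0\b",
         "Ray dashboard and job API on all interfaces; the job API accepts work from any client that can reach it",
         "bind with --dashboard-host 127.0.0.1 and reach it over SSH or a private network"),
    Rule("INDIRECT_PROMPT_INJECTION", "LOW",
         r"--dataset[= ]\s*\$",   # dataset chosen at run time via a shell variable
         "dataset chosen at run time, so the skill cannot vouch for its contents",
         "fix the dataset path in the skill and treat its rows as untrusted data, never as instructions"),
]


def scan(doc: str) -> List[Finding]:
    """Return one Finding per (line, rule) match, in document order."""
    findings: List[Finding] = []
    for line_no, line in enumerate(doc.splitlines(), start=1):
        for rule in RULES:
            if re.search(rule.pattern, line):
                findings.append(Finding(rule.category, rule.severity, line_no, line.strip(), rule.fix))
    return findings


def report(doc: str) -> str:
    """Render findings in the audit's bullet style, with the suggested fix under each."""
    rows = [f"- [{f.category}] ({f.severity}) line {f.line_no}: {f.line}\n    fix: {f.fix}"
            for f in scan(doc)]
    return "\n".join(rows) if rows else "no findings"


if __name__ == "__main__":
    print(report(SKILL_MD))
    print("---")
    print(report(HARDENED_MD))
```

The regexes are a screen, not a proof: they catch the exact shapes reported in this audit and will miss rewordings (for example a capability added through a compose file). The INDIRECT_PROMPT_INJECTION rule deliberately flags only a dataset chosen at run time, because "ingests untrusted data without sanitization" is a data-flow property that text matching cannot establish; that judgement stays with the reviewer.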
Audit Metadata
Risk Level: MEDIUM
Analyzed: Feb 17, 2026, 06:06 PM