nemo-curator
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFE
Full Analysis
- Unverifiable Dependencies & Remote Code Execution (SAFE): The skill utilizes standard NVIDIA RAPIDS ecosystem libraries such as nemo-curator, cudf, and dask. Installation is handled through reputable package managers and no suspicious execution patterns or untrusted sources were detected.
- Indirect Prompt Injection (SAFE): While the curation pipeline processes external data (e.g., Common Crawl), the skill specifically includes safety modules for PII redaction and NSFW detection to mitigate risks. Evidence:
  1. Ingestion points: DocumentDataset.read_parquet in SKILL.md.
  2. Boundary markers: None.
  3. Capability inventory: Data transformation and local file writing.
  4. Sanitization: PIIRedactor and NSFWClassifier modules are natively integrated.
- Data Exposure & Exfiltration (SAFE): No evidence of hardcoded credentials, sensitive file path access, or unauthorized network exfiltration.
- Obfuscation (SAFE): No encoded content, hidden characters, or obfuscated logic were found in any files.
Audit Metadata