training-llms-megatron

Pass

Audited by Gen Agent Trust Hub on Feb 17, 2026

Risk Level: SAFE
Findings: EXTERNAL_DOWNLOADS, COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
  • [EXTERNAL_DOWNLOADS] (LOW): The skill references installing the megatron-core package via pip without version constraints and pulling container images from the NVIDIA registry. While standard for training LLMs, these represent external dependencies from sources not explicitly on the predefined trusted list. The severity was reduced to LOW as these are essential for the primary purpose of the skill. Evidence: pip install megatron-core and nvcr.io/nvidia/pytorch:25.04-py3 in SKILL.md.
  • [COMMAND_EXECUTION] (SAFE): Numerous templates for torchrun and shell script execution are provided for distributed training. These commands are contextually appropriate for a high-performance training skill. Evidence: Multi-node and multi-GPU training launch configurations in SKILL.md and references/parallelism-guide.md.
  • [PROMPT_INJECTION] (LOW): The skill possesses an attack surface for indirect prompt injection through external data ingestion. Ingestion points: The skill processes external datasets and configuration files via parameters like --data-path and --vocab-file in SKILL.md. Boundary markers: The command templates lack explicit boundary markers or instructions to disregard embedded content within the ingested data. Capability inventory: The skill facilitates the execution of complex training jobs via subprocesses. Sanitization: No input validation or data sanitization procedures are defined in the provided instruction set.
Audit Metadata
Risk Level: SAFE
Analyzed: Feb 17, 2026, 05:59 PM