hugging-face-jobs
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFE
PROMPT_INJECTION
Full Analysis
- Data Exposure & Exfiltration (SAFE): No hardcoded credentials or malicious exfiltration patterns detected. The documentation correctly identifies the use of environment secrets ($HF_TOKEN) for secure authentication.
- Unverifiable Dependencies (SAFE): The skill references reputable and well-known libraries such as transformers, datasets, and huggingface-hub.
- Dynamic Execution (SAFE): The use of hf_jobs to execute scripts is the core intended functionality of the skill and is documented with appropriate safety warnings regarding ephemeral environments.
- Indirect Prompt Injection (LOW): The skill processes external datasets, which represents a vulnerability surface. Evidence: (1) Ingestion points: Hugging Face Hub datasets; (2) Boundary markers: not specified in the documentation; (3) Capability inventory: full Python script execution via hf_jobs; (4) Sanitization: no explicit sanitization or validation of dataset content is mentioned.
Audit Metadata