hugging-face-model-trainer
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFE
Full Analysis
- SAFE (SAFE): The analyzed scripts and documentation are legitimate tools for machine learning development. There is no evidence of prompt injection, data exfiltration, or hidden malicious code.
- External Download/Execution (LOW): The skill references and utilizes scripts hosted on Hugging Face repositories (github.com/huggingface and huggingface.co) to perform training and dataset inspection.
- Assessment: Hugging Face is an explicitly trusted organization in the security framework. These references are standard for the skill's primary purpose and do not pose an elevated risk.
- Data Ingestion (SAFE): The training scripts ingest data from external repositories using the load_dataset function.
- Assessment: This is standard behavior for fine-tuning scripts and does not constitute a vulnerability within the context of the skill's intended use.
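The two findings above rest on the same mitigating factor: the scripts and datasets come from a trusted organization. A practitioner would still want to pin what is fetched, because trust in the organization does not freeze the content, and a branch ref such as "main" can change between runs. The following is an added example, not code from the skill or from Hugging Face, showing the checks one would put in front of the download and the load_dataset call: only https URLs on the hosts the audit names, a full commit SHA rather than a moving ref, and a content hash recorded at review time. The host set, the helper names and the sample script and URLs are constructed for the demo; the revision keyword of datasets.load_dataset is real.

```python
"""Pin scripts and datasets pulled from Hugging Face-hosted repos (added example)."""
import hashlib
import hmac
import re
from urllib.parse import urlparse

# Hosts the audit lists as the skill's script and dataset sources (assumed set).
TRUSTED_HOSTS = {"github.com", "raw.githubusercontent.com", "huggingface.co"}

# A full 40-hex git commit SHA: branch and tag names can move, a SHA cannot.
_COMMIT_SHA = re.compile(r"^[0-9a-f]{40}$")


def is_trusted_host(url: str) -> bool:
    """True only for https URLs whose host is one of the listed sources."""
    parts = urlparse(url)
    return parts.scheme == "https" and (parts.hostname or "").lower() in TRUSTED_HOSTS


def is_pinned_revision(revision: str) -> bool:
    """True if revision is an immutable commit SHA rather than a moving ref."""
    return bool(_COMMIT_SHA.match(revision))


def sha256_hex(data: bytes) -> str:
    """Hex SHA-256 of the fetched bytes, the value that gets recorded as the pin."""
    return hashlib.sha256(data).hexdigest()


def check_script(url: str, content: bytes, expected_sha256: str) -> tuple[bool, str]:
    """Gate a downloaded script before it is executed.

    Returns (ok, reason); the caller runs the script only when ok is True.
    """
    if not is_trusted_host(url):
        return False, f"untrusted host or scheme: {url}"
    actual = sha256_hex(content)
    if not hmac.compare_digest(actual, expected_sha256.lower()):
        return False, f"hash mismatch: expected {expected_sha256}, got {actual}"
    return True, "ok"


def dataset_load_kwargs(path: str, revision: str) -> dict:
    """Keyword arguments for datasets.load_dataset that pin the dataset.

    load_dataset accepts revision=; passing a commit SHA makes ingestion
    reproducible and unaffected by later pushes to the dataset repo.
    Raises ValueError for a moving ref such as "main".
    """
    if not is_pinned_revision(revision):
        raise ValueError(f"refusing unpinned dataset revision {revision!r}; use a commit SHA")
    return {"path": path, "revision": revision}


# Constructed demo input; not real Hugging Face content.
SAMPLE_SCRIPT = b"import sys\nprint('train', sys.argv[1:])\n"
SAMPLE_COMMIT = "0123456789abcdef0123456789abcdef01234567"
SAMPLE_SCRIPT_URL = (
    "https://raw.githubusercontent.com/huggingface/example/" + SAMPLE_COMMIT + "/train.py"
)
# In practice this hash is recorded when the script is reviewed, not computed at fetch time.
SAMPLE_PIN = sha256_hex(SAMPLE_SCRIPT)


if __name__ == "__main__":
    print(check_script(SAMPLE_SCRIPT_URL, SAMPLE_SCRIPT, SAMPLE_PIN))
    print(check_script(SAMPLE_SCRIPT_URL, SAMPLE_SCRIPT + b"# tampered\n", SAMPLE_PIN))
    print(dataset_load_kwargs("example-org/example-dataset", SAMPLE_COMMIT))
```

The hash check is what turns "hosted by a trusted organization" into "the exact bytes that were reviewed"; the revision check does the same for the dataset, so a later push to the dataset repo cannot silently change what the fine-tuning run ingests.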
Audit Metadata