model-deployment

Warn

Audited by Gen Agent Trust Hub on Feb 17, 2026

Risk Level: MEDIUM
Tags: REMOTE_CODE_EXECUTION, COMMAND_EXECUTION
Full Analysis
  • Dynamic Execution (MEDIUM): The code loads a pre-trained model with joblib.load('model.pkl'). joblib serializes with Python's pickle module, and unpickling calls whatever callables the stream names (via __reduce__ and GLOBAL records) before the application ever sees the object, so a crafted model.pkl gives arbitrary code execution in the serving process at load time. Loading a model whose provenance and integrity have not been verified is therefore a significant risk: treat the artefact as code rather than data, and check a pinned digest or signature before deserializing it.
  • Command Execution (LOW): The deployment instructions include docker and kubectl shell commands. Running them requires credentials that can push images and change cluster state, so if the instructions, or the image references and manifests they point at, were maliciously modified, following them could compromise the container registry or the Kubernetes cluster.
  • Indirect Prompt Injection (LOW): The FastAPI server exposes a prediction endpoint that ingests external data, so untrusted input enters the system context.
      • Ingestion points: the PredictionRequest model in app.py.
      • Boundary markers: none.
      • Capability inventory: joblib.load, docker, kubectl.
      • Sanitization: type checking of request fields via Pydantic. Type checking constrains the shape of the input, not its values.
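As an added example, not code from the audited project, the following Python shows what the Dynamic Execution finding means in practice and two controls that address it. A constructed model.pkl whose __reduce__ returns exec runs its payload during the load call; a SHA-256 digest pinned at build time rejects a swapped artefact before deserialization; and, where the unpickler is under your control, an allowlisting find_class rejects unexpected globals. The MaliciousModel class, all paths and file contents are constructed for the demo, and the fallback to pickle.load when joblib is not installed is an assumption so the example runs offline.

```python
"""Added example (not code from the audited project): why joblib.load on an
untrusted model.pkl is remote code execution, and two controls to put in
front of it. Every file written below is constructed for the demo."""
import hashlib
import os
import pickle
import tempfile

try:
    import joblib  # joblib.load is built on pickle.Unpickler and inherits its trust model
except ImportError:  # assumption: joblib may be absent; plain pickle.load behaves the same here
    joblib = None


def load_like_app(path):
    """The audited pattern: joblib.load(path), or pickle.load if joblib is not installed."""
    if joblib is not None:
        return joblib.load(path)
    with open(path, "rb") as f:
        return pickle.load(f)


class MaliciousModel:
    """Constructed 'model'. pickle stores the callable and args returned by
    __reduce__ and calls them while deserializing. A real attacker would return
    (os.system, ("...",)); this payload only drops a marker file."""

    def __init__(self, marker_path):
        self.marker_path = marker_path

    def __reduce__(self):
        payload = f"open({self.marker_path!r}, 'w').write('ran during load')"
        return (exec, (payload,))


def demo_untrusted_load():
    """Write a malicious model.pkl and load it as app.py would. Returns True if the payload ran."""
    with tempfile.TemporaryDirectory() as d:
        marker = os.path.join(d, "pwned.txt")
        model_path = os.path.join(d, "model.pkl")
        with open(model_path, "wb") as f:
            pickle.dump(MaliciousModel(marker), f)
        load_like_app(model_path)  # the vulnerable call; the returned object is irrelevant
        return os.path.exists(marker)


# Control 1: pin the artefact digest at build time; refuse to deserialize anything else.
def sha256_file(path):
    h = hashlib.sha256()
    with open(path, "rb") as f:
        for chunk in iter(lambda: f.read(1 << 16), b""):
            h.update(chunk)
    return h.hexdigest()


def load_pinned_model(path, expected_sha256):
    actual = sha256_file(path)
    if actual != expected_sha256:
        raise ValueError(f"model.pkl integrity check failed: {actual} != {expected_sha256}")
    return load_like_app(path)


# Control 2 (only where you control the unpickler): allowlist the globals a stream may resolve.
class RestrictedUnpickler(pickle.Unpickler):
    ALLOWED = frozenset()  # extend with the exact (module, name) pairs your real model needs

    def find_class(self, module, name):
        if (module, name) in self.ALLOWED:
            return super().find_class(module, name)
        raise pickle.UnpicklingError(f"forbidden global during unpickling: {module}.{name}")


def restricted_load(path):
    with open(path, "rb") as f:
        return RestrictedUnpickler(f).load()


def demo_controls():
    """Returns (benign_model, allowlist_blocked_malicious, digest_blocked_swapped_file)."""
    benign = {"weights": [0.1, 0.2], "bias": 0.5}  # plain containers resolve no globals
    with tempfile.TemporaryDirectory() as d:
        good, bad = os.path.join(d, "good.pkl"), os.path.join(d, "bad.pkl")
        with open(good, "wb") as f:
            pickle.dump(benign, f)
        with open(bad, "wb") as f:
            pickle.dump(MaliciousModel(os.path.join(d, "never.txt")), f)
        loaded = restricted_load(good)
        try:
            restricted_load(bad)  # find_class raises on builtins.exec before it is called
            allowlist_blocked = False
        except pickle.UnpicklingError:
            allowlist_blocked = True
        pinned = sha256_file(good)  # digest recorded at build time for the approved artefact
        try:
            load_pinned_model(bad, pinned)  # an attacker swapped the file on disk
            digest_blocked = False
        except ValueError:
            digest_blocked = True
        digest_blocked = digest_blocked and not os.path.exists(os.path.join(d, "never.txt"))
        assert load_pinned_model(good, pinned) == benign  # the approved file still loads
        return loaded, allowlist_blocked, digest_blocked


if __name__ == "__main__":
    print("payload ran during joblib.load:", demo_untrusted_load())
    print("controls (benign, allowlist blocked, digest blocked):", demo_controls())
```

One caveat for the audited code as written: joblib.load takes no custom unpickler, and real scikit-learn or numpy models resolve many globals, so the allowlist is practical mainly for simple artefacts or a loader you write yourself. The digest (or signature) check is the control that drops straight in front of joblib.load('model.pkl').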
Audit Metadata
Risk Level: MEDIUM
Analyzed: Feb 17, 2026, 06:06 PM