modal
Fail
Audited by Gen Agent Trust Hub on Feb 16, 2026
Risk Level: HIGH
Findings: CREDENTIALS_UNSAFE, REMOTE_CODE_EXECUTION, COMMAND_EXECUTION, EXTERNAL_DOWNLOADS
Full Analysis
- [CREDENTIALS_UNSAFE] (HIGH): The documentation in 'references/images.md' provides a code example demonstrating how to use 'add_local_dir' to copy the local '~/.aws' directory into a container image. This directory typically contains sensitive, plaintext cloud access keys and tokens. Encouraging this pattern significantly increases the risk of credential leakage into persistent cloud environments.
- [REMOTE_CODE_EXECUTION] (HIGH): Multiple files demonstrate patterns for downloading and executing third-party code at runtime. Specifically, 'references/examples.md' and 'references/images.md' show frequent use of '.uv_pip_install()' and '.pip_install()' to fetch packages from the public PyPI registry, as well as using '.run_commands()' with 'git clone' to execute code from external repositories.
- [COMMAND_EXECUTION] (LOW): Examples in 'references/web-endpoints.md' and 'references/images.md' use 'subprocess.Popen' and 'run_commands' to execute shell commands. The documentation correctly notes security best practices by advising against the use of 'shell=True' to prevent command injection vulnerabilities.
- [EXTERNAL_DOWNLOADS] (LOW): The documentation includes patterns for fetching pre-trained models from Hugging Face and other external registries, which involves downloading and loading remote binary artifacts.
Recommendations
- AI detected serious security threats
Audit Metadata