pytorch-lightning
Fail
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: HIGH
PROMPT_INJECTION
Full Analysis
- [INDIRECT_PROMPT_INJECTION] (HIGH): The skill is designed to process external datasets, which constitutes a primary ingestion point for untrusted content.
  - Ingestion points: Data is ingested via the `data_dir` parameter and the `CustomDataset` class in `scripts/template_datamodule.py`.
  - Boundary markers: There are no delimiters or instructions provided to the agent to ignore potentially malicious content embedded within processed datasets.
  - Capability inventory: The skill utilizes the PyTorch Lightning `Trainer` and arbitrary Python execution, providing a high-privilege environment capable of file system access and computational execution.
  - Sanitization: No sanitization or validation logic is present in the templates to filter or escape content from external data sources.
- [COMMAND_EXECUTION] (LOW): The skill provides executable Python templates (`scripts/template_lightning_module.py`, `scripts/template_datamodule.py`) for model training. This is a standard and expected feature for a deep learning framework skill, but it represents a capability that must be monitored.
Recommendations
- AI detected serious security threats
Audit Metadata