Skills
skills/terrylica/cc-skills/ml-failfast-validation/Gen Agent Trust Hub

ml-failfast-validation

Pass

Audited by Gen Agent Trust Hub on Apr 4, 2026

Risk Level: SAFEPROMPT_INJECTIONREMOTE_CODE_EXECUTION
Full Analysis
  • [DYNAMIC_EXECUTION]: The provided code snippets demonstrate the use of torch.load() for model checkpointing. This method relies on the pickle module, which is known for unsafe deserialization. If an agent or user loads a checkpoint file provided by an untrusted source, it could lead to arbitrary code execution.
  • [INDIRECT_PROMPT_INJECTION]: The skill defines logic for fetching external data and reading experiment logs, creating a surface for indirect prompt injection if the processed content contains malicious instructions.
  • Ingestion points: The fetch_data function and the experiment.jsonl log file described in SKILL.md.
  • Boundary markers: Not present; the templates do not specify the use of delimiters or warnings to ignore instructions within the data.
  • Capability inventory: The skill involves file system operations including reading and writing checkpoints and logs (torch.save, torch.load, open).
  • Sanitization: Not present; the skill focuses on schema and gradient validation rather than sanitizing data for potential prompt injection patterns.
Audit Metadata
Risk Level
SAFE
Analyzed
Apr 4, 2026, 09:51 AM