uv-miles-rl-training

Pass

Audited by Gen Agent Trust Hub on Feb 27, 2026

Risk Level: SAFE
Flags: EXTERNAL_DOWNLOADS, REMOTE_CODE_EXECUTION, PROMPT_INJECTION
Full Analysis
  • [EXTERNAL_DOWNLOADS]: The documentation instructs users to pull a Docker image (radixark/miles:latest) and clone a Git repository (https://github.com/radixark/miles.git) from sources that are not on the verified trusted list.
  • [REMOTE_CODE_EXECUTION]: The installation guide recommends running 'pip install -e .' on a repository cloned from an unverified source (radixark/miles), which executes setup scripts from that repository during installation.
  • [PROMPT_INJECTION]: The training workflow processes external data (e.g., --prompt-data /path/to/data.jsonl), which is a known vector for indirect prompt injection where malicious instructions embedded in the training set could influence agent behavior.
  • Ingestion points: Training prompt data provided via the --prompt-data command-line argument in SKILL.md.
  • Boundary markers: No markers or delimiters are present to distinguish data from instructions.
  • Capability inventory: The framework performs training execution, checkpoint management, and potentially network-based weight synchronization.
  • Sanitization: There is no evidence of input validation or content filtering for the ingested training datasets.
Audit Metadata
  • Risk Level: SAFE
  • Analyzed: Feb 27, 2026, 12:41 PM