vastai-sdk
Pass
Audited by Gen Agent Trust Hub on Apr 15, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The SDK documentation specifies that authentication credentials are read from a local configuration file at ~/.vast_api_key by default. This is a standard and expected mechanism for authenticating command-line tools and SDKs to cloud services.
- [SAFE]: The library includes a backward-compatibility shim in init.py that uses importlib.import_module with a static string to reference the primary package. This is a common and safe practice for maintaining support for legacy import paths.
- [SAFE]: The installation instructions direct users to download the vendor's official package and its optional serverless components from the standard Python package registry.
- [SAFE]: The skill implements an interface for interacting with the vendor's cloud APIs, which includes processing data returned from serverless endpoints as part of its intended operational workflow.
Audit Metadata