fine-tuning-customization
Fail
Audited by Gen Agent Trust Hub on Feb 15, 2026
Risk Level: HIGH
DATA_EXFILTRATION, COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
- [DATA_EXFILTRATION] (HIGH): The script 'scripts/create-lora-config.md' explicitly searches through '.env*' files using grep. Environment files are high-value targets containing secrets and credentials, and accessing them represents a significant security risk.
- [COMMAND_EXECUTION] (MEDIUM): The skill utilizes multiple inline shell commands (grep, find, date) within 'scripts/create-lora-config.md' to automate configuration by inspecting the host filesystem and identifying model dependencies.
- [PROMPT_INJECTION] (HIGH): The skill has a high vulnerability surface for Indirect Prompt Injection (Category 8). It is designed to ingest and process untrusted training data while maintaining sensitive capabilities like shell execution and file system write operations. Evidence:
  1. Ingestion points: External datasets loaded via Hugging Face or local JSONL files.
  2. Boundary markers: Absent in prompt templates provided in 'references/lora-qlora.md'.
  3. Capability inventory: Includes shell command execution and model/config writing.
  4. Sanitization: No sanitization or validation of the training data content is implemented.
Recommendations
- AI detected serious security threats
Audit Metadata