together-fine-tuning
Pass
Audited by Gen Agent Trust Hub on Mar 4, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill instructs users to install official client libraries (
togetherfor Python andtogether-aifor Node.js) from public registries. These are legitimate, well-known dependencies required for interacting with the Together AI API. - [COMMAND_EXECUTION]: Included in the skill is a Python script (
scripts/finetune_workflow.py) and various CLI examples that automate the fine-tuning lifecycle. These executions are necessary for the skill's primary purpose and do not perform unauthorized or hidden operations. - [SAFE]: Extensive analysis confirms the skill follows standard security practices for API integrations. It correctly uses environment variables for authentication, targets official API endpoints (
api.together.xyz), and lacks any indicators of obfuscation, data exfiltration, or prompt injection.
Audit Metadata