mamba-architecture

Pass

Audited by Gen Agent Trust Hub on Feb 16, 2026

Risk Level: LOW | EXTERNAL_DOWNLOADS | REMOTE_CODE_EXECUTION
Full Analysis
  • EXTERNAL_DOWNLOADS (LOW): The skill instructs the user to install mamba-ssm and causal-conv1d via pip. While these are widely recognized research packages, their source (GitHub state-spaces) is not within the pre-defined 'Trusted Organizations' list. Standard supply chain risks apply.
  • REMOTE_CODE_EXECUTION (LOW): The skill utilizes MambaLMHeadModel.from_pretrained and AutoTokenizer.from_pretrained to download model weights and configurations from HuggingFace. This pattern involves executing code to load remote assets, which is standard for the transformers ecosystem but technically involves remote data processing.
  • DYNAMIC_EXECUTION (MEDIUM): In training-guide.md, the skill demonstrates the use of torch.load() for model checkpoints. This function uses Python's pickle module, which is susceptible to arbitrary code execution if a user is tricked into loading a malicious checkpoint file from an untrusted source.
Audit Metadata
  • Risk Level: LOW
  • Analyzed: Feb 16, 2026, 06:58 AM