awq-quantization

Warn

Audited by Gen Agent Trust Hub on Jun 29, 2026

Risk Level: MEDIUMREMOTE_CODE_EXECUTIONPROMPT_INJECTIONEXTERNAL_DOWNLOADS
Full Analysis
  • [REMOTE_CODE_EXECUTION]: The skill instructions in SKILL.md and references/troubleshooting.md describe loading model weights from external sources. Specifically, the suggestion to set "safetensors=False" to resolve loading errors enables Python's pickle module for deserialization. This allows for arbitrary code execution if a user is induced to load a maliciously crafted model file.
  • [PROMPT_INJECTION]: The "model.quantize" method in SKILL.md and references/advanced-usage.md accepts untrusted external text through the "calib_data" parameter for model calibration.
  • Ingestion points: "calib_data" parameter in "model.quantize" (SKILL.md, advanced-usage.md).
  • Boundary markers: None identified; untrusted data is processed directly without delimiters.
  • Capability inventory: Subprocess execution via "pip install", file system writes via "model.save_quantized", and network operations via "model.push_to_hub".
  • Sanitization: No sanitization or validation of the calibration data is performed before processing.
  • [EXTERNAL_DOWNLOADS]: The skill involves downloading dependencies from PyPI (autoawq, transformers, torch) and model weights from HuggingFace. While these originate from well-known services, they constitute a reliance on external code and data that should be verified for authenticity.
Audit Metadata
Risk Level
MEDIUM
Analyzed
Jun 29, 2026, 12:55 AM
Security Audit — agent-trust-hub — awq-quantization