awq-quantization
Warn
Audited by Gen Agent Trust Hub on Jun 29, 2026
Risk Level: MEDIUMREMOTE_CODE_EXECUTIONPROMPT_INJECTIONEXTERNAL_DOWNLOADS
Full Analysis
- [REMOTE_CODE_EXECUTION]: The skill instructions in SKILL.md and references/troubleshooting.md describe loading model weights from external sources. Specifically, the suggestion to set "safetensors=False" to resolve loading errors enables Python's pickle module for deserialization. This allows for arbitrary code execution if a user is induced to load a maliciously crafted model file.
- [PROMPT_INJECTION]: The "model.quantize" method in SKILL.md and references/advanced-usage.md accepts untrusted external text through the "calib_data" parameter for model calibration.
- Ingestion points: "calib_data" parameter in "model.quantize" (SKILL.md, advanced-usage.md).
- Boundary markers: None identified; untrusted data is processed directly without delimiters.
- Capability inventory: Subprocess execution via "pip install", file system writes via "model.save_quantized", and network operations via "model.push_to_hub".
- Sanitization: No sanitization or validation of the calibration data is performed before processing.
- [EXTERNAL_DOWNLOADS]: The skill involves downloading dependencies from PyPI (autoawq, transformers, torch) and model weights from HuggingFace. While these originate from well-known services, they constitute a reliance on external code and data that should be verified for authenticity.
Audit Metadata