miles-rl-training

Warn

Audited by Gen Agent Trust Hub on Jun 29, 2026

Risk Level: MEDIUMEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
  • [EXTERNAL_DOWNLOADS]: The skill instructs users to pull a Docker image (radixark/miles:latest) and clone a repository from an unverified third-party GitHub account (https://github.com/radixark/miles.git).
  • [COMMAND_EXECUTION]: The documentation includes commands to install and execute the retrieved third-party code (pip install -e . and python train.py), which can result in the execution of unverified logic.
  • [PROMPT_INJECTION]: The skill metadata contains deceptive author information, identifying the creator as 'Orchestra Research' while the provided author identity is 'akillness'.
Audit Metadata
Risk Level
MEDIUM
Analyzed
Jun 29, 2026, 12:55 AM
Security Audit — agent-trust-hub — miles-rl-training