Skills
skills/ascend-ai-coding/awesome-ascend-skills/ascend-avi-vnpu/Gen Agent Trust Hub

ascend-avi-vnpu

Warn

Audited by Gen Agent Trust Hub on Apr 18, 2026

Risk Level: MEDIUMCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill instructs the agent to perform sensitive system operations using npu-smi set for virtualization management and kill -9 for process termination. These commands typically require elevated (root/administrative) privileges and can impact system stability.
  • Evidence: Found in SKILL.md (e.g., npu-smi set -t create-vnpu) and references/security-checklist.md (e.g., kill -9 ).
  • [PROMPT_INJECTION]: The skill defines a surface for indirect prompt injection by interpolating untrusted user inputs (such as Device IDs, Chip IDs, and Template Names) into shell commands without explicit sanitization instructions.
  • Ingestion points: User-provided parameters for npu-smi commands in SKILL.md.
  • Boundary markers: Absent. The skill does not provide clear delimiters to separate user data from command templates.
  • Capability inventory: High-privilege shell execution via npu-smi and kill across all management scripts.
  • Sanitization: Absent. No instructions are provided to validate or escape user input before interpolation.
Audit Metadata
Risk Level
MEDIUM
Analyzed
Apr 18, 2026, 03:04 AM
Security Audit — agent-trust-hub — ascend-avi-vnpu