skills/ascend-ai-coding/awesome-ascend-skills/external-gitcode-ascend-npu-adapter-reviewer/Gen Agent Trust Hub
external-gitcode-ascend-npu-adapter-reviewer
Pass
Audited by Gen Agent Trust Hub on May 19, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: Clones source code from user-provided Git repositories to perform migration analysis.
- [EXTERNAL_DOWNLOADS]: Downloads official CANN toolkit installers from Huawei Cloud domains (myhuaweicloud.com) as part of the environment setup instructions.
- [COMMAND_EXECUTION]: Executes shell commands including
git cloneandlsto manage and inspect code repositories. - [COMMAND_EXECUTION]: Generates and runs verification shell scripts (
verify_npu.sh) and Python-based precision tests to validate the migration results. - [PROMPT_INJECTION]: Presents an indirect prompt injection surface by processing untrusted data from external repositories.
- Ingestion points: Cloned repositories in
SKILL.md. - Boundary markers: Absent; the skill does not use specific delimiters to isolate external code instructions from the agent's logic.
- Capability inventory: File reading, script generation, and shell execution across multiple stages.
- Sanitization: Absent; the skill directly parses file contents for API patterns.
Audit Metadata