finetuning-technique

Pass

Audited by Gen Agent Trust Hub on Jun 15, 2026

Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill executes a local Python script (scripts/get_recipes.py) to query SageMaker Hub content. This is a legitimate operation for a skill provided by 'awslabs'.
  • [PROMPT_INJECTION]: The skill uses variables <model-name> and <hub-name> in a command-line call, creating a surface for indirect prompt injection.
  • Ingestion points: These variables are sourced from user input or preceding agent context as described in SKILL.md.
  • Boundary markers: The instructions do not use specific markers or delimiters to isolate the untrusted data from the command context.
  • Capability inventory: The skill possesses the capability to execute arbitrary local scripts with arguments via the shell.
  • Sanitization: No explicit sanitization or validation of the model or hub names is performed before they are interpolated into the shell command.
Audit Metadata
Risk Level
SAFE
Analyzed
Jun 15, 2026, 01:10 AM
Security Audit — agent-trust-hub — finetuning-technique