modal
Pass
Audited by Gen Agent Trust Hub on Jun 14, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill provides legitimate technical documentation and code examples for interacting with the Modal cloud platform.
- [SAFE]: The documentation provides guidance on managing authentication tokens and sensitive API keys using environment variables and Modal's native Secret management system. It correctly uses placeholders for sensitive values and recommends using .env files for local development.
- [EXTERNAL_DOWNLOADS]: The skill describes the installation of the official 'modal' Python package and provides examples of downloading model weights from trusted sources like Hugging Face and other external URLs.
- [COMMAND_EXECUTION]: It documents the use of platform-specific commands for running code in the cloud (e.g., 'modal run', 'modal deploy') and executing shell commands within container build environments. These are standard features of the serverless compute platform.
- [PROMPT_INJECTION]: The skill includes examples for processing external data via web scraping. While this identifies a surface for indirect prompt injection, it is presented as a standard functionality of the data processing tools described and does not contain malicious instructions.
Audit Metadata