modal
Pass
Audited by Gen Agent Trust Hub on Apr 16, 2026
Risk Level: SAFE
COMMAND_EXECUTION, EXTERNAL_DOWNLOADS, PROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill documents the use of the `modal` CLI and `uv` package manager for project setup, authentication, and cloud deployment. Operations include `modal setup`, `modal run`, and `modal deploy` to execute and host code remotely.
- [EXTERNAL_DOWNLOADS]: The skill facilitates downloading the `modal` package and various AI/ML dependencies (e.g., torch, vllm, pandas) from PyPI and Hugging Face. These downloads are standard for the platform's functionality and target well-known, established repositories.
- [PROMPT_INJECTION]: Several code examples demonstrate how to process user-supplied input strings for LLM inference and image generation. This represents an indirect prompt injection surface, which is a standard risk for AI applications and should be mitigated during implementation.
Audit Metadata