swift-mlx-lm
Pass
Audited by Gen Agent Trust Hub on Apr 3, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill downloads model weights, configurations, and tokenizers from Hugging Face's official repositories (huggingface.co). This is a well-known service for machine learning models and the operations are performed through official Swift integrations.
- [COMMAND_EXECUTION]: Features a tool-calling framework that allows models to request the execution of predefined Swift closures. The examples provided use benign handlers for tasks like fetching weather data.
- [PROMPT_INJECTION]: The skill is designed to process external and potentially untrusted data, such as user prompts and retrieved documents. It utilizes model-specific chat templates and tokenizers to maintain boundaries between system instructions and user-provided content.
- Ingestion points: Ingests user prompts, images, and videos as documented in
SKILL.mdandreferences/tokenizer-chat.md. - Boundary markers: Employs model-specific chat templates via
tokenizer.applyChatTemplateto delimit user input. - Capability inventory: Includes tool execution, local file-system access for model storage, and LoRA training capabilities.
- Sanitization: Uses pre-trained tokenizers to format and validate raw text into structured model inputs.
Audit Metadata