Gen Agent Trust Hub: Security Audit of import-model (skills/modular/skills/import-model)

import-model

Verdict: Pass

Audited by Gen Agent Trust Hub on Jun 13, 2026

Risk Level: SAFE
Behaviour tags: EXTERNAL_DOWNLOADS, REMOTE_CODE_EXECUTION, COMMAND_EXECUTION
Full Analysis
  • [EXTERNAL_DOWNLOADS]: The skill fetches model configurations (config.json) and safetensors metadata from the Hugging Face Hub using the official huggingface_hub library. Hugging Face is a well-known model-hosting service, and both artifacts are plain data (JSON and a safetensors header), so this download step deserialises nothing as code.
  • [REMOTE_CODE_EXECUTION]: Instructions and scripts pass trust_remote_code=True to the transformers library. This lets transformers import and execute the model-specific Python modules shipped in the remote repository (the ones referenced by auto_map in config.json), which is the standard way to load custom architectures from the Hub. The flag therefore extends trust to whoever controls the model repository: it is appropriate for a model-porting tool, but users should point it only at repositories they trust and, where possible, pin a specific revision rather than the moving default branch.
  • [COMMAND_EXECUTION]: The scripts/test_scripts.py utility uses subprocess.run to invoke other scripts within the skill's own directory for smoke testing. The invoked paths are constrained to the skill's own files and the arguments are fixed by the script rather than taken from untrusted input.
  • [SAFE]: No malicious patterns (obfuscation, credential harvesting, unauthorized data exfiltration) were detected. All identified behaviours are legitimate and necessary for the skill's primary function as a developer tool for model porting.
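The two findings above turn on one distinction: reading config.json and a safetensors header is pure data handling, while trust_remote_code=True is code execution. The following is an added example written for this audit page (it is not code from the import-model skill or from the Trust Hub) showing how to inspect both artifacts without executing anything from the repository, and how to tell from config.json whether remote code would be needed at all. The sample config dicts and the safetensors blob are constructed inline so the example runs offline; fetch_from_hub is the network variant and is not exercised here. The function names are this example's own.

```python
import json
import struct


def build_safetensors(tensors: dict, metadata=None) -> bytes:
    """Assemble a minimal safetensors blob from {name: (dtype, shape, raw_bytes)}.

    Format: 8-byte little-endian header length, JSON header, raw tensor bytes.
    Used only to construct sample input for this example.
    """
    header = {}
    if metadata:
        header["__metadata__"] = metadata
    buf = bytearray()
    for name, (dtype, shape, raw) in tensors.items():
        start = len(buf)
        buf += raw
        header[name] = {"dtype": dtype, "shape": shape, "data_offsets": [start, len(buf)]}
    hjson = json.dumps(header).encode()
    return struct.pack("<Q", len(hjson)) + hjson + bytes(buf)


def parse_safetensors_header(data: bytes) -> dict:
    """Parse and sanity-check only the JSON header; tensor bytes are never deserialised.

    Rejects a header length that runs past the file and any data_offsets that
    fall outside the data buffer, so a malformed file fails here instead of in
    whatever reads the tensors later.
    """
    if len(data) < 8:
        raise ValueError("truncated: missing header length")
    (hlen,) = struct.unpack("<Q", data[:8])
    if hlen > len(data) - 8:
        raise ValueError("header length exceeds file size")
    header = json.loads(data[8 : 8 + hlen])
    buf_size = len(data) - 8 - hlen
    for name, entry in header.items():
        if name == "__metadata__":
            continue
        start, end = entry["data_offsets"]
        if not (0 <= start <= end <= buf_size):
            raise ValueError(f"{name}: data_offsets {start}:{end} outside data buffer")
    return header


def config_requires_remote_code(config: dict) -> bool:
    """transformers imports Python from the repo only when config.json carries an
    auto_map pointing at modules shipped alongside it; a stock architecture name
    in `architectures` alone never needs trust_remote_code=True."""
    return bool(config.get("auto_map"))


def summarize(config: dict, safetensors_bytes: bytes) -> dict:
    """What a porting tool can learn from metadata alone, before deciding to load."""
    header = parse_safetensors_header(safetensors_bytes)
    tensors = {k: v for k, v in header.items() if k != "__metadata__"}
    return {
        "architectures": config.get("architectures", []),
        "remote_code": config_requires_remote_code(config),
        "tensor_count": len(tensors),
        "dtypes": sorted({v["dtype"] for v in tensors.values()}),
        "total_bytes": sum(v["data_offsets"][1] - v["data_offsets"][0] for v in tensors.values()),
    }


def fetch_from_hub(repo_id: str, revision: str):
    """Network variant (not run in this example). Pinning `revision` to a commit
    hash makes the download, and any remote code it ships, reproducible and
    reviewable; hf_hub_download is the official client call the audit refers to."""
    from huggingface_hub import hf_hub_download
    cfg_path = hf_hub_download(repo_id=repo_id, filename="config.json", revision=revision)
    st_path = hf_hub_download(repo_id=repo_id, filename="model.safetensors", revision=revision)
    with open(cfg_path) as f, open(st_path, "rb") as g:
        return json.load(f), g.read()


# Constructed sample inputs (hypothetical model names, not real Hub repositories).
SAMPLE_CONFIG_CUSTOM = {
    "architectures": ["FooForCausalLM"],
    "auto_map": {"AutoConfig": "configuration_foo.FooConfig",
                 "AutoModelForCausalLM": "modeling_foo.FooForCausalLM"},
    "hidden_size": 4,
}
SAMPLE_CONFIG_STOCK = {"architectures": ["LlamaForCausalLM"], "hidden_size": 4}
SAMPLE_SAFETENSORS = build_safetensors(
    {"embed.weight": ("F32", [2, 2], bytes(16)), "lm_head.bias": ("BF16", [2], bytes(4))},
    {"format": "pt"},
)

if __name__ == "__main__":
    print(summarize(SAMPLE_CONFIG_CUSTOM, SAMPLE_SAFETENSORS))
    print("stock config needs remote code:", config_requires_remote_code(SAMPLE_CONFIG_STOCK))
```

The point of the split is that everything in summarize can be run on an untrusted repository without risk, and only when remote_code comes back True does the tool have to decide whether to extend trust with trust_remote_code=True, ideally against a pinned revision.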
Audit Metadata
Risk Level: SAFE
Analyzed: Jun 13, 2026, 05:21 PM
Security Audit — agent-trust-hub — import-model