fine-tuning-gpt-5-gpu-kernel

Pass

Audited by Gen Agent Trust Hub on Jun 19, 2026

Risk Level: SAFEPROMPT_INJECTIONCOMMAND_EXECUTION
Full Analysis
  • [PROMPT_INJECTION]: The skill exhibits an indirect prompt injection surface by ingesting and processing untrusted data (PyTorch reference implementations provided by a user). Ingestion points: The agent is instructed to extract and process user-supplied code (SKILL.md, Step 1). Boundary markers: No explicit boundary markers or 'ignore' instructions for the processed code are provided. Capability inventory: The skill requires execution of code via the Python interpreter and Triton compiler (Step 4, 5, 6). Sanitization: No sanitization or sandboxing procedures for user-provided code are described.
  • [COMMAND_EXECUTION]: The primary workflow involves executing generated and user-provided code to validate correctness and measure performance (e.g., executing torch.allclose and triton.testing.do_bench in steps 4 and 7). This allows the execution of code influenced by external input.
  • [DYNAMIC_EXECUTION]: The skill relies on generating and compiling Triton kernels at runtime using triton.jit. This is the intended purpose of the skill, but it involves the runtime execution of dynamically created content which may incorporate user-supplied logic.
Audit Metadata
Risk Level
SAFE
Analyzed
Jun 19, 2026, 11:25 PM
Security Audit — agent-trust-hub — fine-tuning-gpt-5-gpu-kernel