recipe-recommender

Pass

Audited by Gen Agent Trust Hub on Apr 19, 2026

Risk Level: SAFE
Flagged categories: COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill provides instructions to execute shell commands using uv run torchrun and python to run training and benchmarking scripts (scripts/training/run_recipe.py and scripts/performance/run_script.py) based on user-selected configurations.
  • [PROMPT_INJECTION]: The skill exhibits an indirect prompt injection surface by taking user-provided input (such as model names, GPU counts, and parallelism settings) and interpolating it into shell command arguments. If malicious input is provided, it could lead to arbitrary command execution on the host system.
  • Ingestion points: User-provided model names and training parameters as described in the 'How to Use This Skill' section of SKILL.md.
  • Boundary markers: Absent; the skill does not instruct the agent to use delimiters or validation when constructing commands from user input.
  • Capability inventory: Shell command execution via training and performance scripts mentioned in SKILL.md.
  • Sanitization: Absent; no validation or escaping mechanisms are mentioned in the skill instructions.
  • [SAFE]: Provides a link to a pull request in NVIDIA's official Megatron Bridge repository (github.com/NVIDIA-NeMo/Megatron-Bridge) for documentation regarding upcoming unified recipe formats.
Audit Metadata
Risk Level
SAFE
Analyzed
Apr 19, 2026, 08:13 AM
Security Audit — agent-trust-hub — recipe-recommender