simready-foundation-conform-fet-000-core

Pass

Audited by Gen Agent Trust Hub on Jun 22, 2026

Risk Level: SAFE
Full Analysis
  • [COMMAND_EXECUTION]: The skill uses uv run to execute specialized tools such as apply-simready-foundation-metadata and validate-simready-profile. These are vendor-specific commands (NVIDIA) intended for the asset repair workflow.
  • [EXTERNAL_DOWNLOADS]: The use of uv run may trigger the download of necessary Python environments or packages. As these tools are associated with the vendor infrastructure, this is considered standard behavior for this utility.
  • [DATA_EXPOSURE]: The skill operates on local USD assets and generates reports within a user-defined output directory. No unauthorized network operations or exfiltration patterns were detected.
  • [INDIRECT_PROMPT_INJECTION]: The skill ingests external data including USD files and validation reports (.json, .md). While this presents a theoretical injection surface, the risk is mitigated by the highly structured nature of the data and the use of specific, deterministic repair logic rather than arbitrary execution.
Audit Metadata
Risk Level
SAFE
Analyzed
Jun 22, 2026, 01:54 PM
Security Audit — agent-trust-hub — simready-foundation-conform-fet-000-core