tao-launch-workflow
Pass
Audited by Gen Agent Trust Hub on Jun 23, 2026
Risk Level: SAFECOMMAND_EXECUTIONCREDENTIALS_UNSAFE
Full Analysis
- [COMMAND_EXECUTION]: Executes local Python utility scripts (
list_tao_platforms.py,resolve_tao_image.py,check_tao_launch_preflight.py) to manage platform configuration and validate job parameters before execution. - [COMMAND_EXECUTION]: Uses shell commands including
ssh,ssh-keygen,ssh-copy-id, andssh-keyscanto facilitate and verify passwordless connectivity to Slurm clusters. - [CREDENTIALS_UNSAFE]: Promptly requests sensitive credentials such as
HF_TOKENandSSH_KEY_PATHfrom the user. These are handled locally to authenticate against the chosen execution platform and gated model repositories. - [SAFE]: Implements a 'Non-Negotiable Launch Gate' that prevents the generation of artifacts, scripts, or workspace folders until all preflight checks—including platform access, credential verification, and image resolution—are successfully completed.
Audit Metadata