tao-mine-aoi-images
Warn
Audited by Socket on Jun 23, 2026
1 alert found:
AnomalyAnomalyreferences/reference-invocation.md
LOWAnomalyLOW
references/reference-invocation.md
This snippet is a standard Docker-orchestrated ML pipeline with end-of-step artifact validation. There is no direct evidence of malicious code in the shell logic, but it introduces a meaningful supply-chain execution risk by dynamically selecting the container image/tool from a local versions.yaml (path controlled via TAO_SKILL_BANK_PATH) and executing it with the entire WORKSPACE mounted. If versions.yaml or the referenced image provenance is compromised, an attacker could run arbitrary container code that reads/writes host files under the mounted workspace. Pinning/verifying the container image by digest and tightening mount scope would materially reduce risk.
Confidence: 62%Severity: 58%
Audit Metadata