tao-run-on-lepton

Pass

Audited by Gen Agent Trust Hub on Jun 12, 2026

Risk Level: SAFE
Full Analysis
  • [EXTERNAL_DOWNLOADS]: The skill installs the nvidia-tao-sdk package from PyPI and fetches a multi-node synchronization script from the official LeptonAI GitHub repository. These downloads are associated with the core functionality of the platform service and target well-known repositories.- [COMMAND_EXECUTION]: The skill uses shell commands and Python scripts to perform preflight environment checks and submit containerized workloads to the Lepton compute platform. This includes sourcing initialization scripts within the remote container environment to configure distributed training.- [CREDENTIALS_UNSAFE]: The skill requires standard environment variables for authentication (LEPTON_AUTH_TOKEN, LEPTON_WORKSPACE_ID) and storage access (SECRET_KEY, NGC_KEY). These are correctly handled as environment variables rather than hardcoded secrets.
Audit Metadata
Risk Level
SAFE
Analyzed
Jun 12, 2026, 07:42 PM
Security Audit — agent-trust-hub — tao-run-on-lepton