tao-train-mask-auto-label
Audited by Socket on Jun 23, 2026
1 alert found:
AnomalyNo direct malicious code or network-exfiltration logic is visible in this YAML manifest because it is only a pipeline configuration. However, it delegates high-impact execution to an external entrypoint (`mal`) inside a specified container image (`tao_toolkit.pyt`), with stage behavior driven by an untrusted/variable config path and indirect relative template files. Multiple anomalies (ambiguous `mal` naming reused across fields, unusual container reference, hardcoded-looking encryption_key value, and tokenized output path) increase supply-chain review priority. The actual malware likelihood cannot be confirmed from this file alone; focus should be on validating the provenance and integrity of the container image/tool behind `mal` and the contents of the referenced spec templates.