tao-train-metric-learning-recognition
Pass
Audited by Gen Agent Trust Hub on Jun 23, 2026
Risk Level: SAFE
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill's documentation and deployment references guide the user to run official NVIDIA container images from
nvcr.io(e.g.,nvcr.io/nvidia/tao/tao-toolkit). These are well-known technology service domains and are consistent with the vendor identity. - [COMMAND_EXECUTION]: The skill defines tool actions (
train,evaluate,inference,export,gen_trt_engine) that execute theml_recogcommand-line utility. These operations occur within the context of the TAO Toolkit container environment and are aligned with the skill's purpose for model lifecycle management. - [DATA_EXPOSURE]: The skill includes placeholders and examples for data paths (e.g.,
s3://bucket/data/train). No sensitive credentials or private data are hardcoded within the skill files. - [INDIRECT_PROMPT_INJECTION]: The skill processes user-supplied configuration files and dataset paths at runtime. While this creates a potential surface for indirect injection via malicious data content, the skill uses structured YAML/JSON schemas to validate parameters, which provides a layer of protection against malformed input.
Audit Metadata