tao-train-nvdinov2

Pass

Audited by Gen Agent Trust Hub on Jun 23, 2026

Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTION
Full Analysis
  • [SAFE]: No malicious patterns or security vulnerabilities were detected. The skill follows security best practices, including the provision of a digital signature for integrity verification and clear documentation of hardware and software requirements.
  • [EXTERNAL_DOWNLOADS]: The skill provides instructions for utilizing official NVIDIA Docker containers from the NVIDIA Container Registry (nvcr.io). This is a well-known and trusted service provided by the skill's author and does not represent a security risk.
  • [COMMAND_EXECUTION]: The skill defines several commands for training, distillation, export, and inference using the nvdinov2 CLI tool as documented in references/skill_info.yaml. These commands are standard for the NVIDIA TAO Toolkit and are designed to be executed within a containerized environment.
  • [PROMPT_INJECTION]: The skill establishes ingestion points for user-provided data, creating a potential surface for indirect prompt injection. This is an inherent characteristic of the model training use case and is managed through the use of established vendor tools.
  • Ingestion points: User-specified dataset directories (images_dir) and configuration files (config_path) as defined in the skill metadata.
  • Boundary markers: None identified in the instructional content.
  • Capability inventory: Execution of nvdinov2 CLI commands via the Bash tool.
  • Sanitization: Standard path and configuration validation performed by the underlying NVIDIA TAO Toolkit software.
Audit Metadata
Risk Level
SAFE
Analyzed
Jun 23, 2026, 12:10 PM
Security Audit — agent-trust-hub — tao-train-nvdinov2