tao-train-nvdinov2
Pass
Audited by Gen Agent Trust Hub on Jun 23, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTION
Full Analysis
- [SAFE]: No malicious patterns or security vulnerabilities were detected. The skill follows security best practices, including the provision of a digital signature for integrity verification and clear documentation of hardware and software requirements.
- [EXTERNAL_DOWNLOADS]: The skill provides instructions for utilizing official NVIDIA Docker containers from the NVIDIA Container Registry (nvcr.io). This is a well-known and trusted service provided by the skill's author and does not represent a security risk.
- [COMMAND_EXECUTION]: The skill defines several commands for training, distillation, export, and inference using the nvdinov2 CLI tool as documented in references/skill_info.yaml. These commands are standard for the NVIDIA TAO Toolkit and are designed to be executed within a containerized environment.
- [PROMPT_INJECTION]: The skill establishes ingestion points for user-provided data, creating a potential surface for indirect prompt injection. This is an inherent characteristic of the model training use case and is managed through the use of established vendor tools.
- Ingestion points: User-specified dataset directories (images_dir) and configuration files (config_path) as defined in the skill metadata.
- Boundary markers: None identified in the instructional content.
- Capability inventory: Execution of nvdinov2 CLI commands via the Bash tool.
- Sanitization: Standard path and configuration validation performed by the underlying NVIDIA TAO Toolkit software.
Audit Metadata