tao-train-oneformer

Pass

Audited by Gen Agent Trust Hub on Jun 23, 2026

Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTION
Full Analysis
  • [EXTERNAL_DOWNLOADS]:\n
  • Source: https://github.com/SwinTransformer/storage/releases/download/v1.0.8/swin_tiny_patch4_window7_224_22k.pth\n
  • Context: Referenced in SKILL.md as the pretrained_backbone.\n
  • Behavior: Fetches model weights from a well-known public repository on GitHub.\n- [COMMAND_EXECUTION]:\n
  • Source: references/tao-deploy-oneformer.md\n
  • Behavior: Provides documentation for docker run commands to execute the TAO Toolkit.\n
  • Context: Utilizes official container images from the vendor's registry (nvcr.io) to perform machine learning tasks.\n- [SAFE]:\n
  • Category 8 (Indirect Prompt Injection) Surface Analysis:\n
  • Ingestion points: Dataset paths and S3 bucket identifiers in SKILL.md.\n
  • Boundary markers: Present; the skill employs strict JSON schemas (schemas/) and spec templates to structure all agent-provided data.\n
  • Capability inventory: Bash tool usage is documented for running official TAO subcommands within isolated containers in references/skill_info.yaml.\n
  • Sanitization: External inputs are validated against the schema properties before being passed to the training engine.\n
  • Secret Management: The skill correctly uses empty string placeholders for sensitive parameters like encryption_key, ensuring no credentials are hardcoded.
Audit Metadata
Risk Level
SAFE
Analyzed
Jun 23, 2026, 12:12 PM
Security Audit — agent-trust-hub — tao-train-oneformer