tao-train-pointpillars
Pass
Audited by Gen Agent Trust Hub on Jun 23, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill refers to well-known and official NVIDIA domains (
nvcr.io,nvidia.com) for container images and documentation, which is consistent with the author identity. - [SAFE]: An indirect prompt injection surface is present as the skill ingests user-defined data paths and configuration overrides to generate shell commands. This surface is necessary for the skill's primary function of model training and is not inherently malicious.
- [SAFE]: The skill uses standard data formats for 3D object detection, including dataset metadata stored in Python Pickle (
.pkl) files. This is consistent with established machine learning toolchains in this domain. - [SAFE]: The signature file (
skill.oms.sig) contains standard cryptographic material, including encoded X.509 certificates and digital signatures, which are used for authenticity verification and do not contain hidden malicious instructions.
Audit Metadata