tilegym-cutile-python

Pass

Audited by Gen Agent Trust Hub on Jun 12, 2026

Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
  • [EXTERNAL_DOWNLOADS]: The skill instructs the agent to download reference source code from official GitHub repositories, including the NVIDIA TileGym repository and the PyTorch codebase, to provide context for kernel development.
  • [COMMAND_EXECUTION]: The skill defines a mandatory validation loop that involves executing generated Python scripts via the shell to verify the numerical accuracy of translated GPU kernels against reference implementations.
  • [SAFE]: Automated alerts regarding eval() calls in several example files were manually reviewed and identified as false positives; the code uses the PyTorch nn.Module.eval() method to set neural network layers to evaluation mode.
  • [PROMPT_INJECTION]: The skill is designed to process user-provided code and mathematical descriptions, which are then used to generate executable scripts. This creates a surface for indirect prompt injection, though it is consistent with the primary purpose of a code-translation assistant.
Audit Metadata
Risk Level
SAFE
Analyzed
Jun 12, 2026, 07:42 PM
Security Audit — agent-trust-hub — tilegym-cutile-python