tilegym-monkey-patch-kernels-to-transformers
Pass
Audited by Gen Agent Trust Hub on Jun 17, 2026
Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADSREMOTE_CODE_EXECUTIONPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The workflow requires extensive use of system commands including
docker buildanddocker runfor environment management,nvidia-smifor hardware verification, andgitfor version control management during the integration process. - [EXTERNAL_DOWNLOADS]: The skill researches model architectures by fetching data from well-known external services like Hugging Face and GitHub repositories to identify kernel requirements.
- [REMOTE_CODE_EXECUTION]: The skill involves an autonomous loop that generates Python kernel files and monkey-patching logic which are then executed and verified within the Docker container. This script generation and execution is the primary purpose of the skill.
- [PROMPT_INJECTION]: The skill exhibits an indirect prompt injection surface as it ingests untrusted model configurations and source code from external sources (ingestion points in
references/kernel-integration.md). The ingested data influences the agent's autonomous code generation capabilities (capability inventory includes file writes, bash execution, and docker runs) without explicit sanitization or boundary markers defined in the instructions.
Audit Metadata