tilegym-monkey-patch-kernels-to-transformers

Pass

Audited by Gen Agent Trust Hub on Jun 17, 2026

Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADSREMOTE_CODE_EXECUTIONPROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The workflow requires extensive use of system commands including docker build and docker run for environment management, nvidia-smi for hardware verification, and git for version control management during the integration process.
  • [EXTERNAL_DOWNLOADS]: The skill researches model architectures by fetching data from well-known external services like Hugging Face and GitHub repositories to identify kernel requirements.
  • [REMOTE_CODE_EXECUTION]: The skill involves an autonomous loop that generates Python kernel files and monkey-patching logic which are then executed and verified within the Docker container. This script generation and execution is the primary purpose of the skill.
  • [PROMPT_INJECTION]: The skill exhibits an indirect prompt injection surface as it ingests untrusted model configurations and source code from external sources (ingestion points in references/kernel-integration.md). The ingested data influences the agent's autonomous code generation capabilities (capability inventory includes file writes, bash execution, and docker runs) without explicit sanitization or boundary markers defined in the instructions.
Audit Metadata
Risk Level
SAFE
Analyzed
Jun 17, 2026, 05:41 AM
Security Audit — agent-trust-hub — tilegym-monkey-patch-kernels-to-transformers