skills/plurigrid/asi/local-finetune/Gen Agent Trust Hub

local-finetune

Pass

Audited by Gen Agent Trust Hub on Jun 20, 2026

Risk Level: SAFEDATA_EXFILTRATIONCOMMAND_EXECUTIONEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
  • [DATA_EXFILTRATION]: Accesses the private interaction history file ~/.claude/history.jsonl to extract training data from previous user conversations.- [DATA_EXFILTRATION]: Reads markdown content from the local ~/.claude/skills/ directory to build a skill knowledge base.- [COMMAND_EXECUTION]: Runs shell-based data processing pipelines using awk, sort, head, and tail to prepare training data sets from extracted content.- [COMMAND_EXECUTION]: Invokes the mlx_lm CLI suite (lora, generate, fuse) to perform local model weight modification and inference on the host system.- [EXTERNAL_DOWNLOADS]: Fetches pre-trained models from the mlx-community repository on Hugging Face (a well-known service) to serve as a base for fine-tuning.- [PROMPT_INJECTION]: The skill exhibits an indirect prompt injection surface by processing untrusted data from Claude history and external skill files without sanitization. \n
  • Ingestion points: ~/.claude/history.jsonl and markdown files in ~/.claude/skills/. \n
  • Boundary markers: Absent. \n
  • Capability inventory: Data processing via DuckDB and model training via mlx-lm. \n
  • Sanitization: Absent.
Audit Metadata
Risk Level
SAFE
Analyzed
Jun 20, 2026, 04:49 PM
Security Audit — agent-trust-hub — local-finetune