deepstream-import-vision-model

Pass

Audited by Gen Agent Trust Hub on Jun 18, 2026

Risk Level: SAFE
Full Analysis
  • [EXTERNAL_DOWNLOADS]: The skill fetches model files and configuration metadata from well-known and reputable sources, specifically HuggingFace and the NVIDIA NGC catalog. These operations are performed via HTTPS using dedicated helper scripts that include input validation.
  • [EXTERNAL_DOWNLOADS]: Automated setup of a shared Python virtual environment involves installing standard machine learning libraries and reporting utilities from official package registries (PyPI).
  • [COMMAND_EXECUTION]: Orchestrates model optimization and performance profiling using official NVIDIA binaries (trtexec, deepstream-app) and the GStreamer framework.
  • [COMMAND_EXECUTION]: Uses Python subprocess calls to invoke report styling and diagram rendering tools (wkhtmltopdf, mmdc). These calls are implemented with shell=False and use parameterized argument lists to prevent command injection.
  • [DATA_EXPOSURE]: Implements strict directory scoping and path validation in its cleanup and file management scripts to prevent path traversal and ensure that file operations are restricted to the local build and model directories.
Audit Metadata
Risk Level
SAFE
Analyzed
Jun 18, 2026, 04:34 PM
Security Audit — agent-trust-hub — deepstream-import-vision-model