nv-generate-ct-rflow
Pass
Audited by Gen Agent Trust Hub on Jun 18, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill downloads project code from GitHub (
github.com/NVIDIA-Medtech/NV-Generate-CTMR) and pre-trained model weights from HuggingFace (huggingface.co/nvidia/NV-Generate-CT). These are well-known technology platforms and the repositories belong to a recognized technology organization. - [COMMAND_EXECUTION]: Subprocess calls are used to invoke the upstream project's Python entrypoints and to perform version tracking via Git. These operations are restricted to the intended purpose of wrapping the external synthesis pipeline.
- [DYNAMIC_EXECUTION]: Several scripts, such as
run_ct_mask.py, dynamically modify the Python system path at runtime to import library code from the downloaded upstream repository. This is necessary for the skill to leverage the external project's internal logic. - [DYNAMIC_EXECUTION]: The script
run_ct_mask.pyusestorch.loadwithweights_only=Falseto load model checkpoints. While this is an unsafe deserialization pattern if used with untrusted files, it is a standard requirement for loading many existing AI model checkpoints and the files are fetched from trusted sources. - [INDIRECT_PROMPT_INJECTION]: The skill ingests untrusted user data in the form of JSON configuration overrides. This surface is mitigated by strict allowlisting of allowed JSON keys and range/type validation of their values before they are passed to the underlying execution engine.
Audit Metadata