physical-ai-defect-image-generation

Pass

Audited by Gen Agent Trust Hub on Jun 18, 2026

Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTION
Full Analysis
  • [EXTERNAL_DOWNLOADS]: Fetches the yq utility binary from its official repository on GitHub (mikefarah/yq) during workflow execution to handle YAML processing within task pods. This is performed via curl or wget in scripts like assets/configs/texture_defect_generation_day0.yaml.
  • [COMMAND_EXECUTION]: Utilizes dynamically generated shell and Python scripts to orchestrate complex rendering, augmentation, and inference tasks on the OSMO platform. These scripts are constructed from static templates provided within the skill.
  • [COMMAND_EXECUTION]: Manipulates the PATH environment variable within task scripts (e.g., export PATH=/tmp:$PATH) to enable the use of downloaded utility binaries like yq. This is a standard procedure for localized tool execution in restricted environments.
  • [SAFE]: Implements secure credential practices by utilizing platform-native secret management (OSMO credentials like hf-token) and performs network operations exclusively against well-known, reputable services such as Hugging Face and GitHub.
  • [SAFE]: The identified data ingestion surfaces (e.g., USD files, real images, and user-supplied ZIP files for the glass use case) are handled using standard domain-specific processing tools and are appropriate for the skill's intended use in industrial optical inspection.
Audit Metadata
Risk Level
SAFE
Analyzed
Jun 18, 2026, 04:35 PM
Security Audit — agent-trust-hub — physical-ai-defect-image-generation