physical-ai-defect-image-generation
Pass
Audited by Gen Agent Trust Hub on Jun 18, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: Fetches the
yqutility binary from its official repository on GitHub (mikefarah/yq) during workflow execution to handle YAML processing within task pods. This is performed viacurlorwgetin scripts likeassets/configs/texture_defect_generation_day0.yaml. - [COMMAND_EXECUTION]: Utilizes dynamically generated shell and Python scripts to orchestrate complex rendering, augmentation, and inference tasks on the OSMO platform. These scripts are constructed from static templates provided within the skill.
- [COMMAND_EXECUTION]: Manipulates the
PATHenvironment variable within task scripts (e.g.,export PATH=/tmp:$PATH) to enable the use of downloaded utility binaries likeyq. This is a standard procedure for localized tool execution in restricted environments. - [SAFE]: Implements secure credential practices by utilizing platform-native secret management (OSMO credentials like
hf-token) and performs network operations exclusively against well-known, reputable services such as Hugging Face and GitHub. - [SAFE]: The identified data ingestion surfaces (e.g., USD files, real images, and user-supplied ZIP files for the glass use case) are handled using standard domain-specific processing tools and are appropriate for the skill's intended use in industrial optical inspection.
Audit Metadata