physical-ai-video-data-augmentation

Pass

Audited by Gen Agent Trust Hub on Jun 18, 2026

Risk Level: SAFE
Full Analysis
  • [SAFE]: The skill automates the configuration and execution of complex video processing workflows on the OSMO platform. It correctly uses environment variables and the osmo credential set command to manage sensitive API keys (e.g., NGC_API_KEY, HF_TOKEN), adhering to platform security standards.
  • [SAFE]: External dependencies and model weights are fetched from well-known and trusted sources, including Hugging Face and NVIDIA's NGC registry. The preflight_credentials.sh script performs authorized probes to verify access to these registries before workflow submission.
  • [SAFE]: Command execution is limited to the official osmo CLI, standard system utilities like ffmpeg and curl, and defined Python scripts. The subprocess.run calls in pre_submit_guard.py are used for legitimate validation of storage paths and do not involve unsanitized user input.
  • [SAFE]: The skill implements a robust synchronization mechanism via osmo_barrier.py to coordinate multi-node worker tasks, using standard networking protocols for intra-group communication.
  • [SAFE]: Instructions and VLM/LLM prompts provided in the 'cookbooks' are focused on scene description and safety event labeling. No prompt injection patterns or attempts to bypass safety filters were identified.
Audit Metadata
Risk Level
SAFE
Analyzed
Jun 18, 2026, 04:35 PM
Security Audit — agent-trust-hub — physical-ai-video-data-augmentation