tao-analyze-gaps-visual-changenet
Pass
Audited by Gen Agent Trust Hub on Jun 18, 2026
Risk Level: SAFEPROMPT_INJECTIONCOMMAND_EXECUTIONEXTERNAL_DOWNLOADSDATA_EXFILTRATION
Full Analysis
- [COMMAND_EXECUTION]: The skill executes
docker runwith thetao_toolkit.data_servicescontainer. The container is granted access to the workspace via volume mounting (-v $WORKSPACE:$WORKSPACE) and GPU resources, which is necessary for the intended data processing functionality.\n- [EXTERNAL_DOWNLOADS]: The skill pulls a Docker image from the NVIDIA container registry (nvcr.io). As NVIDIA is a well-known and trusted technology provider, this download is part of the expected functionality.\n- [DATA_EXFILTRATION]: The skill includes a hook (hooks/rca-package.sh) that reads session logs from~/.claude/projects/to package them with the analysis results locally. This facilitates reproducibility and is not an exfiltration risk.\n- [PROMPT_INJECTION]: The skill processes output from the Docker container (e.g.,unreachable_kpi.txt) to generate reports.\n - Ingestion points:
unreachable_kpi.txt,metrics.json,threshold.txt.\n - Boundary markers: None explicitly used when reading these files.\n
- Capability inventory: Full
Bashanddockeraccess on the host.\n - Sanitization: None; the agent reads and incorporates text directly into its report.
Audit Metadata