tao-run-inference-service

Pass

Audited by Gen Agent Trust Hub on Jun 18, 2026

Risk Level: SAFE
Full Analysis
  • [SAFE]: The skill strictly enforces a 'Secrets Rule' that prevents the agent from hardcoding or prompting the user for sensitive credentials (HF_TOKEN, TAO_API_KEY, etc.), mandating the use of environment variables accessed via os.environ.\n- [SAFE]: Command construction for orchestrating containers on Kubernetes, SLURM, and other platforms uses safe list-based subprocess calls or shlex.quote for shell strings, effectively preventing command injection vulnerabilities.\n- [SAFE]: External dependencies such as container images are resolved from the official NVIDIA container registry (nvcr.io), which is a well-known and trusted source.\n- [SAFE]: The skill manages service state through a local registry file (/tmp/tao-inf-ms-state.json) and avoids unnecessary persistence in sensitive system directories or modification of user shell profiles.\n- [SAFE]: Network operations are restricted to communication with the locally launched microservice or well-known services like the HuggingFace Hub, with explicit logic to reject unsupported cloud-storage URIs.
Audit Metadata
Risk Level
SAFE
Analyzed
Jun 18, 2026, 04:35 PM
Security Audit — agent-trust-hub — tao-run-inference-service