tao-run-on-local-docker
Pass
Audited by Gen Agent Trust Hub on Jun 12, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill provides a standard interface for local Docker execution of TAO SDK jobs.
- [COMMAND_EXECUTION]: The skill uses standard shell commands to verify the Docker environment and GPU runtime (
docker run,docker network create). These are appropriate for the skill's stated purpose and do not represent a threat. - [CREDENTIALS_UNSAFE]: The skill references environment variables for cloud storage (
ACCESS_KEY,SECRET_KEY) and registry access (NGC_KEY,HF_TOKEN). These are handled via the user's environment rather than being hardcoded, following security best practices. - [EXTERNAL_DOWNLOADS]: The skill suggests installing dependencies like
nvidia-tao-sdkfrom public registries (PyPI) and references local setup scripts for host configuration. These downloads originate from standard sources or local file paths.
Audit Metadata