tao-run-on-local-docker

Pass

Audited by Gen Agent Trust Hub on Jun 12, 2026

Risk Level: SAFE
Full Analysis
  • [SAFE]: The skill provides a standard interface for local Docker execution of TAO SDK jobs.
  • [COMMAND_EXECUTION]: The skill uses standard shell commands to verify the Docker environment and GPU runtime (docker run, docker network create). These are appropriate for the skill's stated purpose and do not represent a threat.
  • [CREDENTIALS_UNSAFE]: The skill references environment variables for cloud storage (ACCESS_KEY, SECRET_KEY) and registry access (NGC_KEY, HF_TOKEN). These are handled via the user's environment rather than being hardcoded, following security best practices.
  • [EXTERNAL_DOWNLOADS]: The skill suggests installing dependencies like nvidia-tao-sdk from public registries (PyPI) and references local setup scripts for host configuration. These downloads originate from standard sources or local file paths.
Audit Metadata
Risk Level
SAFE
Analyzed
Jun 12, 2026, 09:11 PM
Security Audit — agent-trust-hub — tao-run-on-local-docker