tao-train-ocrnet

Pass

Audited by Gen Agent Trust Hub on Jun 12, 2026

Risk Level: SAFEPROMPT_INJECTION
Full Analysis
  • [SAFE]: No malicious patterns, obfuscation, or unauthorized data access detected. The skill utilizes official NVIDIA container images (nvcr.io/nvidia/tao/tao-toolkit) and tools. It also includes a digital signature (skill.oms.sig) to ensure the integrity of the skill files.
  • [PROMPT_INJECTION]: The skill processes external datasets, which is an inherent attack surface for indirect prompt injection.
  • Ingestion points: Dataset directories and character list files specified in SKILL.md and schemas (e.g., 'dataset.train_dataset_dir', 'dataset.character_list_file').
  • Boundary markers: No specific delimiters or safety instructions are defined to separate untrusted data from the agent's instructions.
  • Capability inventory: The skill facilitates command execution through the 'Bash' tool to run TAO Toolkit operations and manage Docker containers as defined in 'references/skill_info.yaml'.
  • Sanitization: No specific sanitization or content validation of the input datasets is documented, which is typical for specialized machine learning training tools.
Audit Metadata
Risk Level
SAFE
Analyzed
Jun 12, 2026, 11:35 PM
Security Audit — agent-trust-hub — tao-train-ocrnet