tilegym-monkey-patch-kernels-to-transformers

Pass

Audited by Gen Agent Trust Hub on Jun 12, 2026

Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill requires the execution of shell commands for environment configuration and performance benchmarking, including docker run, docker build, and nvidia-smi. It also runs project-specific scripts like bench_<submodule_name>.sh to evaluate model throughput and kernel coverage within a controlled Docker environment.
  • [EXTERNAL_DOWNLOADS]: The integration workflow involves fetching model architectures and source code from well-known services such as Hugging Face and GitHub. These activities are directed toward official model repositories and are necessary for the research phase of the kernel integration process.
  • [PROMPT_INJECTION]: The skill possesses an indirect prompt injection surface due to its requirement to research and process external model code. \n
  • Ingestion points: Research involves reading model implementation code and configuration from the Hugging Face Hub and GitHub (as noted in kernel-integration.md). \n
  • Boundary markers: There are no explicit instructions for the agent to use delimiters or ignore instructions within the retrieved model data. \n
  • Capability inventory: The skill maintains capabilities for subprocess execution (bash), Docker management, and file system operations to support kernel development and testing. \n
  • Sanitization: The skill relies on the agent's research and manual verification steps, with no automated sanitization of fetched external code described.
Audit Metadata
Risk Level
SAFE
Analyzed
Jun 12, 2026, 08:33 PM
Security Audit — agent-trust-hub — tilegym-monkey-patch-kernels-to-transformers