tilegym-monkey-patch-kernels-to-transformers
Pass
Audited by Gen Agent Trust Hub on Jun 12, 2026
Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill requires the execution of shell commands for environment configuration and performance benchmarking, including
docker run,docker build, andnvidia-smi. It also runs project-specific scripts likebench_<submodule_name>.shto evaluate model throughput and kernel coverage within a controlled Docker environment. - [EXTERNAL_DOWNLOADS]: The integration workflow involves fetching model architectures and source code from well-known services such as Hugging Face and GitHub. These activities are directed toward official model repositories and are necessary for the research phase of the kernel integration process.
- [PROMPT_INJECTION]: The skill possesses an indirect prompt injection surface due to its requirement to research and process external model code. \n
- Ingestion points: Research involves reading model implementation code and configuration from the Hugging Face Hub and GitHub (as noted in
kernel-integration.md). \n - Boundary markers: There are no explicit instructions for the agent to use delimiters or ignore instructions within the retrieved model data. \n
- Capability inventory: The skill maintains capabilities for subprocess execution (
bash), Docker management, and file system operations to support kernel development and testing. \n - Sanitization: The skill relies on the agent's research and manual verification steps, with no automated sanitization of fetched external code described.
Audit Metadata