vss-deploy-dense-captioning
Pass
Audited by Gen Agent Trust Hub on Jun 18, 2026
Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill makes extensive use of shell commands and Docker Compose to manage microservice lifecycles. It includes specific guards for privileged operations, recommending
sudo -nto prevent interactive hangs and ensure host-owner oversight. - [EXTERNAL_DOWNLOADS]: Fetches deployment configuration directly from NVIDIA's official GitHub repository. It also pulls container images from the NVIDIA Container Registry (
nvcr.io) and dependencies from well-known services like Apache and Confluent. - [PROMPT_INJECTION]: Indirect Prompt Injection Surface.
- Ingestion points: The skill processes user-provided media files via the
/v1/filesendpoint and RTSP stream URLs via/v1/streams/add. - Boundary markers: No specific boundary markers or "ignore instructions" delimiters are implemented for content ingested from these external sources.
- Capability inventory: The skill utilizes powerful capabilities including
docker compose,curl,wget, andpython3for system configuration and service management as seen inreferences/deploy-rt-vlm-service.md. - Sanitization: There is no evidence of sanitization or filtering for instructions that might be embedded in media metadata or stream content.
Audit Metadata