vss-deploy-dense-captioning

Pass

Audited by Gen Agent Trust Hub on Jun 18, 2026

Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill makes extensive use of shell commands and Docker Compose to manage microservice lifecycles. It includes specific guards for privileged operations, recommending sudo -n to prevent interactive hangs and ensure host-owner oversight.
  • [EXTERNAL_DOWNLOADS]: Fetches deployment configuration directly from NVIDIA's official GitHub repository. It also pulls container images from the NVIDIA Container Registry (nvcr.io) and dependencies from well-known services like Apache and Confluent.
  • [PROMPT_INJECTION]: Indirect Prompt Injection Surface.
  • Ingestion points: The skill processes user-provided media files via the /v1/files endpoint and RTSP stream URLs via /v1/streams/add.
  • Boundary markers: No specific boundary markers or "ignore instructions" delimiters are implemented for content ingested from these external sources.
  • Capability inventory: The skill utilizes powerful capabilities including docker compose, curl, wget, and python3 for system configuration and service management as seen in references/deploy-rt-vlm-service.md.
  • Sanitization: There is no evidence of sanitization or filtering for instructions that might be embedded in media metadata or stream content.
Audit Metadata
Risk Level
SAFE
Analyzed
Jun 18, 2026, 04:35 PM
Security Audit — agent-trust-hub — vss-deploy-dense-captioning