vss-deploy-detection-tracking-2d
Pass
Audited by Gen Agent Trust Hub on Jun 12, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: A detailed audit of all 51 files, including 23 scripts and various reference documents, reveals no malicious intent, prompt injection, or data exfiltration patterns.
- [EXTERNAL_DOWNLOADS]: The skill downloads model weights and test videos from NVIDIA NGC registries (
nvcr.io,ngc.nvidia.com). These are established vendor sources and are treated as safe per policy. - [COMMAND_EXECUTION]: Shell and Python scripts are used to manage Docker containers and update INI/YAML configurations. These operations are restricted to the deployment environment and are essential for the skill's function.
- [CREDENTIALS_UNSAFE]: The skill manages NVIDIA NGC credentials. It enforces secure file permissions (
0600) and includes sophisticated Python-based regex logic to redact API keys and authorization tokens from deployment logs and reassembleddocker runcommand lines.
Audit Metadata