vss-deploy-detection-tracking-3d

Warn

Audited by Gen Agent Trust Hub on Jun 12, 2026

Risk Level: MEDIUMCOMMAND_EXECUTIONEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill frequently uses sudo for system-level administrative tasks such as creating directories and managing access control lists (ACLs).
  • Evidence: Found in references/calibration-workflow.md (sudo mkdir, sudo setfacl) and references/deploy-rtvi-cv-3d-stack.md (sudo chmod).
  • [COMMAND_EXECUTION]: A 'Nuke option' in the teardown documentation uses sudo rm -rf to perform a destructive cleanup of project state and calibration data.
  • Evidence: Found in references/teardown.md under the 'Nuke option' section.
  • [DYNAMIC_EXECUTION]: The skill executes an embedded Python script to normalize camera names by performing file renames and modifying local JSON configurations.
  • Evidence: Found in references/configure-cameras.md at Step 0.
  • [INDIRECT_PROMPT_INJECTION]: The skill ingests untrusted external data in the form of RTSP stream URLs and local video files, creating a potential surface for indirect prompt injection.
  • Ingestion points: references/calibration-workflow.md (RTSP URLs and video files).
  • Boundary markers: Absent; instructions do not specify delimiters for external data during processing.
  • Capability inventory: Includes docker compose up, docker run, filesystem modifications, and sudo command execution across multiple reference files.
  • Sanitization: Instructions do not document validation or escaping for user-supplied RTSP URLs or video metadata.
  • [EXTERNAL_DOWNLOADS]: The skill downloads container images from NVIDIA's registry and machine learning models from HuggingFace.
  • Evidence: references/deploy-rtvi-cv-3d-stack.md (NVIDIA NGC images) and references/calibration-workflow.md (VGGT model download). These resources originate from well-known services.
Audit Metadata
Risk Level
MEDIUM
Analyzed
Jun 12, 2026, 11:35 PM
Security Audit — agent-trust-hub — vss-deploy-detection-tracking-3d