sglang-skill

Pass

Audited by Gen Agent Trust Hub on May 11, 2026

Risk Level: SAFE (EXTERNAL_DOWNLOADS, COMMAND_EXECUTION, PROMPT_INJECTION)
Full Analysis
  • [EXTERNAL_DOWNLOADS]: The skill includes a shell script (update-sglang.sh) that fetches source code from the official SGLang GitHub repository (https://github.com/sgl-project/sglang.git) using git clone and git pull operations.
  • [COMMAND_EXECUTION]: The instructions utilize various shell commands for development workflows. This includes using rg (ripgrep) to perform targeted searches within the SGLang source code, using git for repository management, and executing python commands to launch model serving engines and run benchmarks.
  • [PROMPT_INJECTION]: The skill creates a surface for indirect prompt injection (Category 8) by design. It directs the agent to analyze content from an external codebase (SGLang).
      • Ingestion points: Untrusted data enters the agent context via the output of rg (ripgrep) or when reading files within the repos/sglang/ directory.
      • Boundary markers: There are no explicit instructions or delimiters provided to warn the agent to ignore any natural language instructions found within the analyzed code files.
      • Capability inventory: The skill utilizes subprocess calls for shell commands (rg, git, bash, python) and has file system read access to the repository.
      • Sanitization: There is no evidence of sanitization or filtering of the repository content before it is processed by the agent.
Audit Metadata
  • Risk Level: SAFE
  • Analyzed: May 11, 2026, 02:31 AM