hugging-face

Pass

Audited by Gen Agent Trust Hub on Apr 17, 2026

Risk Level: SAFE
Flagged categories: COMMAND_EXECUTION, EXTERNAL_DOWNLOADS
Full Analysis
  • [COMMAND_EXECUTION]: The skill uses curl and jq to perform HTTP requests and process JSON data. These are standard utilities for API interaction.
  • [EXTERNAL_DOWNLOADS]: The skill interacts with Hugging Face's official API endpoints (huggingface.co and router.huggingface.co) to search for models and run inference. These are well-known and trusted service domains.
  • [DATA_EXFILTRATION]: No sensitive local data access or suspicious external network activity was detected. The skill uses a standard environment variable (HUGGING_FACE_TOKEN) for authentication.
  • [PROMPT_INJECTION]: There are no instructions that attempt to override agent safety guidelines or manipulate core behavior.
  • [INDIRECT_PROMPT_INJECTION]: The skill ingests data from external API responses (Hugging Face model metadata and inference results), which could theoretically contain malicious text targeting the agent. However, this is a standard risk for any skill interacting with external content and does not indicate malicious intent by the author.
      ◦ Ingestion points: Hugging Face API responses from huggingface.co and router.huggingface.co (SKILL.md)
      ◦ Boundary markers: None specified in the instructions.
      ◦ Capability inventory: Shell execution via curl (SKILL.md)
      ◦ Sanitization: No explicit sanitization or filtering of API output is defined before processing.
Audit Metadata
  • Risk Level: SAFE
  • Analyzed: Apr 17, 2026, 04:43 PM