byted-ark-trainer
Pass
Audited by Gen Agent Trust Hub on May 7, 2026
Risk Level: SAFECOMMAND_EXECUTION
Full Analysis
- [COMMAND_EXECUTION]: The skill instructs the agent to execute shell commands for setting workspace file permissions (
chmod 755andchmod 644) to ensure the FaaS environment can traverse directories and read scripts. It also uses thearkCLI andark-trainer-helperto submit training jobs and manage endpoints.- [DYNAMIC_EXECUTION]: Thescripts/modules/train.pymodule usesimportliband__import__to dynamically load and execute user-supplied Python scripts (rollout.pyandgrader.py). This is a documented requirement for running custom reinforcement learning (RL) evaluation logic.- [EXTERNAL_DOWNLOADS]: The skill documentation guides the user to install theark_sdkandvolcengine-python-sdkfrom official Volcengine-owned domains (volces.comandvolcengineapi.com). These are recognized vendor resources.- [DATA_EXPOSURE]: The skill manages sensitive credentials (ARK_API_KEY,VOLCENGINE_ACCESS_KEY,VOLCENGINE_SECRET_KEY) by reading them from environment variables and.envfiles. This follows standard security practices for local development tools.
Audit Metadata