nel-assistant
Guides users through creating and modifying evaluation configurations for NeMo Evaluator Launcher with an interactive workflow.
Install this skill
or
63/100
Security score
The nel-assistant skill was audited on May 31, 2026 and we found 5 security issues across 3 threat categories, including 2 high-severity. Review the findings below before installing.
Categories Tested
Security Issues
high line 113
Curl to non-GitHub URL
SourceSKILL.md
| 113 | - Use `curl` instead of `wget` as it's more widely available in Docker containers. Example: `pre_cmd: curl -L -o reasoning_parser.py https://huggingface.co/.../reasoning_parser.py` |
high line 118
Access to root home directory
SourceSKILL.md
| 118 | - evaluation: `execution.mounts.evaluation: {"/absolute/path/to/hf_cache": "/root/.cache/huggingface"}` |
medium line 232
Access to .env file
SourceSKILL.md
| 232 | **Important**: Ensure required environment variables are available. Ask the user to provide `HF_TOKEN`, even if they are not using a gated model (like Llama) or dataset (like GPQA), to reduce Hugging |
low line 113
External URL reference
SourceSKILL.md
| 113 | - Use `curl` instead of `wget` as it's more widely available in Docker containers. Example: `pre_cmd: curl -L -o reasoning_parser.py https://huggingface.co/.../reasoning_parser.py` |
low line 232
External URL reference
SourceSKILL.md
| 232 | **Important**: Ensure required environment variables are available. Ask the user to provide `HF_TOKEN`, even if they are not using a gated model (like Llama) or dataset (like GPQA), to reduce Hugging |
Scanned on May 31, 2026
View Security Dashboard