chore(deps): update huggingface/skills digest to 6bbfb54#593

Open
renovate[bot] wants to merge 1 commit into main from renovate/huggingface-skills-digest

@renovate renovate Bot commented Apr 30, 2026

This PR contains the following updates:

Package | Update | Change
huggingface/skills | digest | 904a2f9 → 6bbfb54

Configuration

📅 Schedule: (UTC)

  • Branch creation
    • At any time (no schedule defined)
  • Automerge
    • At any time (no schedule defined)

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about this update again.


  • If you want to rebase/retry this PR, check this box

This PR was generated by Mend Renovate. View the repository job log.

github-actions Bot commented Apr 30, 2026

🛡️ Skill Security Scan Results

✅ hf-cli

  • Status: Passed
  • Findings: 10
  • Allowed (not blocking): 4
    • PIPELINE_TAINT_FLOW (Allowed: The skill's prerequisites cite the official hf CLI installer (curl -LsSf https://hf.co/cli/install.sh | bash) and the hf-mount installer (curl -fsSL https://raw.githubusercontent.com/huggingface/hf-mount/main/install.sh | sh) as documented install commands. The scanner itself flags both as 'instructional install text in SKILL.md'.)
    • PIPELINE_TAINT_FLOW (Allowed: The skill's prerequisites cite the official hf CLI installer (curl -LsSf https://hf.co/cli/install.sh | bash) and the hf-mount installer (curl -fsSL https://raw.githubusercontent.com/huggingface/hf-mount/main/install.sh | sh) as documented install commands. The scanner itself flags both as 'instructional install text in SKILL.md'.)
    • ATR_HIGH_RISK_TOOL_GATE (Allowed: False positive - matches on the word delete in SKILL.md, where the skill documents official hf CLI subcommands (e.g., hf repos delete, hf buckets delete, hf repos delete-files, hf spaces volumes delete, hf webhooks delete, hf endpoints delete). These are documented Hugging Face CLI subcommands a user explicitly invokes against their own HF account, not autonomous high-risk tool calls. Verified at digest acd2bf5a7126994e15143bec061fe87a882811f3.)
    • ATR_MCP_MALICIOUS_RESPONSE (Allowed: Same root cause as PIPELINE_TAINT_FLOW above - matches the official hf CLI installer (curl -LsSf https://hf.co/cli/install.sh | bash, SKILL.md:1) and the hf-mount installer (curl -fsSL https://raw.githubusercontent.com/huggingface/hf-mount/main/install.sh | sh, SKILL.md:180). These are documented install commands hard-coded in SKILL.md, not MCP tool responses. Both endpoints are official Hugging Face installer URLs. Verified at digest acd2bf5a7126994e15143bec061fe87a882811f3.)

✅ hf-mcp

  • Status: Passed
  • Findings: 5
  • Allowed (not blocking): 1
    • MANIFEST_MISSING_LICENSE (Allowed: huggingface/skills is licensed Apache-2.0 at the repository root; upstream does not embed an SPDX license identifier in per-skill SKILL.md frontmatter.)

✅ huggingface-community-evals

  • Status: Passed
  • Findings: 8
  • Allowed (not blocking): 1
    • MANIFEST_MISSING_LICENSE (Allowed: huggingface/skills is licensed Apache-2.0 at the repository root; upstream does not embed an SPDX license identifier in per-skill SKILL.md frontmatter.)

✅ huggingface-datasets

  • Status: Passed
  • Findings: 5
  • Allowed (not blocking): 1
    • MANIFEST_MISSING_LICENSE (Allowed: huggingface/skills is licensed Apache-2.0 at the repository root; upstream does not embed an SPDX license identifier in per-skill SKILL.md frontmatter.)

✅ huggingface-gradio

  • Status: Passed
  • Findings: 3
  • Allowed (not blocking): 1
    • MANIFEST_MISSING_LICENSE (Allowed: huggingface/skills is licensed Apache-2.0 at the repository root; upstream does not embed an SPDX license identifier in per-skill SKILL.md frontmatter.)

✅ huggingface-llm-trainer

  • Status: Passed
  • Findings: 16
  • Allowed (not blocking): 9
    • TOOL_ABUSE_SYSTEM_PACKAGE_INSTALL (Allowed: The bundled scripts/convert_to_gguf.py references sudo apt-get install / sudo yum install for optional system packages (build tools) when converting trained models to GGUF format. These run in ephemeral HF Jobs containers, not on the user's host. The script is HF-authored and documented in SKILL.md.)
    • TOOL_ABUSE_SYSTEM_PACKAGE_INSTALL (Allowed: The bundled scripts/convert_to_gguf.py references sudo apt-get install / sudo yum install for optional system packages (build tools) when converting trained models to GGUF format. These run in ephemeral HF Jobs containers, not on the user's host. The script is HF-authored and documented in SKILL.md.)
    • TOOL_ABUSE_SYSTEM_PACKAGE_INSTALL (Allowed: The bundled scripts/convert_to_gguf.py references sudo apt-get install / sudo yum install for optional system packages (build tools) when converting trained models to GGUF format. These run in ephemeral HF Jobs containers, not on the user's host. The script is HF-authored and documented in SKILL.md.)
    • TOOL_ABUSE_SYSTEM_PACKAGE_INSTALL (Allowed: The bundled scripts/convert_to_gguf.py references sudo apt-get install / sudo yum install for optional system packages (build tools) when converting trained models to GGUF format. These run in ephemeral HF Jobs containers, not on the user's host. The script is HF-authored and documented in SKILL.md.)
    • TOOL_ABUSE_SYSTEM_PACKAGE_INSTALL (Allowed: The bundled scripts/convert_to_gguf.py references sudo apt-get install / sudo yum install for optional system packages (build tools) when converting trained models to GGUF format. These run in ephemeral HF Jobs containers, not on the user's host. The script is HF-authored and documented in SKILL.md.)
    • TOOL_ABUSE_SYSTEM_PACKAGE_INSTALL (Allowed: The bundled scripts/convert_to_gguf.py references sudo apt-get install / sudo yum install for optional system packages (build tools) when converting trained models to GGUF format. These run in ephemeral HF Jobs containers, not on the user's host. The script is HF-authored and documented in SKILL.md.)
    • DATA_EXFIL_NETWORK_REQUESTS (Allowed: Bundled helper scripts (scripts/dataset_inspector.py, scripts/hf_benchmarks.py) use urllib.request to query the public Hugging Face Hub API for dataset validation and benchmark lookups — documented workflow steps required by the skill.)
    • DATA_EXFIL_NETWORK_REQUESTS (Allowed: Bundled helper scripts (scripts/dataset_inspector.py, scripts/hf_benchmarks.py) use urllib.request to query the public Hugging Face Hub API for dataset validation and benchmark lookups — documented workflow steps required by the skill.)
    • DATA_EXFIL_NETWORK_REQUESTS (Allowed: Bundled helper scripts (scripts/dataset_inspector.py, scripts/hf_benchmarks.py) use urllib.request to query the public Hugging Face Hub API for dataset validation and benchmark lookups — documented workflow steps required by the skill.)

✅ huggingface-paper-publisher

  • Status: Passed
  • Findings: 8
  • Allowed (not blocking): 4
    • BEHAVIOR_CROSSFILE_ENV_VAR_EXFILTRATION (Allowed: False positive - same root cause as BEHAVIOR_ENV_VAR_EXFILTRATION above. The "crossfile" detection is from paper_manager.py reading env vars and triggering its own network helpers within the same file/module. All network destinations are huggingface.co or export.arxiv.org. Verified at digest acd2bf5a7126994e15143bec061fe87a882811f3.)
    • TOOL_ABUSE_UNDECLARED_NETWORK (Allowed: The skill uses network access through its bundled paper_manager.py script (as its documented workflow), but does not declare an explicit network-access tool in frontmatter. All network calls target the public Hugging Face Hub API documented in the SKILL.md.)
    • BEHAVIOR_ENV_VAR_EXFILTRATION (Allowed: False positive - matches scripts/paper_manager.py reading HF_TOKEN (line 44) and making requests.get() calls to https://huggingface.co/papers/{arxiv_id} (lines 69, 98, 179, 215) and https://export.arxiv.org/api/query (line 352, no token sent). This is the standard, intended HF API auth pattern — token issued by huggingface.co is sent back to huggingface.co. Source domain == sink domain. Verified at digest acd2bf5a7126994e15143bec061fe87a882811f3.)
    • MANIFEST_MISSING_LICENSE (Allowed: huggingface/skills is licensed Apache-2.0 at the repository root; upstream does not embed an SPDX license identifier in per-skill SKILL.md frontmatter.)

✅ huggingface-papers

  • Status: Passed
  • Findings: 4
  • Allowed (not blocking): 1
    • MANIFEST_MISSING_LICENSE (Allowed: huggingface/skills is licensed Apache-2.0 at the repository root; upstream does not embed an SPDX license identifier in per-skill SKILL.md frontmatter.)

✅ huggingface-tool-builder

  • Status: Passed
  • Findings: 4

✅ huggingface-trackio

  • Status: Passed
  • Findings: 5
  • Allowed (not blocking): 1
    • MANIFEST_MISSING_LICENSE (Allowed: huggingface/skills is licensed Apache-2.0 at the repository root; upstream does not embed an SPDX license identifier in per-skill SKILL.md frontmatter.)

✅ huggingface-vision-trainer

  • Status: Passed
  • Findings: 7

✅ transformers-js

  • Status: Passed
  • Findings: 2

Summary: Scanned 12 skill(s), all passed security checks. ✅

@renovate renovate Bot changed the title from "chore(deps): update huggingface/skills digest to 35c1c60" to "chore(deps): update huggingface/skills digest to 6bbfb54" May 3, 2026
@renovate renovate Bot force-pushed the renovate/huggingface-skills-digest branch from 96dabb2 to bedab0e May 3, 2026 10:31