skills(cuopt-developer): update for mathematical_optimization namespace refactor

[ramakrishnap-nv]

Update cuopt-developer skill content for the mathematical_optimization namespace refactor from #1446.

Summary

• Port skill changes from Refactor: mathematical_optimization namespace #1446 to a dedicated per-skill PR
• Adds blank line under SKILL.md header to trigger NVSkills evaluation and signing

NVSkills CI

Comment /nvskills-ci to trigger evaluation and signing.

[github-actions]

CI Test Summary

✅ All 0 test job(s) passed.

[ramakrishnap-nv]

/nvskills-ci

[coderabbitai]

Caution

Review failed

Failed to post review comments.

GitHub was unavailable or timed out while CodeRabbit was posting the review. Please request a new review later if the pull request still needs one. This happened while posting 1 inline comment. Use @coderabbitai full review to retry the review.

⚙️ Run configuration

Configuration used: Path: .coderabbit.yaml

Review profile: CHILL

Plan: Enterprise

Run ID: a7dbf797-c130-48b8-8d07-d222643d05ab

📥 Commits

Reviewing files that changed from the base of the PR and between 0549423 and 3fd6775.

📒 Files selected for processing (4)

• skills/cuopt-developer/BENCHMARK.md
• skills/cuopt-developer/SKILL.md
• skills/cuopt-developer/skill-card.md
• skills/cuopt-developer/skill.oms.sig

🧰 Additional context used

📓 Path-based instructions (2)

skills/**

📄 CodeRabbit inference engine (CONTRIBUTING.md)

PRs that change content under skills/ must be validated by NVSkills CI with the /nvskills-ci comment before merge; the bot will push a signature commit that must remain in the PR

Files:

• skills/cuopt-developer/SKILL.md
• skills/cuopt-developer/BENCHMARK.md
• skills/cuopt-developer/skill.oms.sig
• skills/cuopt-developer/skill-card.md

**

⚙️ CodeRabbit configuration file

**: # Contributing to cuOpt

Contributions to NVIDIA cuOpt fall into the following categories:

1. To report a bug, request a new feature, or report a problem with documentation, please file an
   issue describing the problem or new feature
   in detail. The NVIDIA cuOpt team evaluates and triages issues, and schedules them for a release. If you
   believe the issue needs priority attention, please comment on the issue to notify the team.
2. To propose and implement a new feature, please file a new feature request
   issue. Describe the intended feature and
   discuss the design and implementation with the team and community. Once the team agrees that the
   plan looks good, go ahead and implement it, using the code contributions
   guide below.
3. To implement a feature or bug fix for an existing issue, please follow the code
   contributions guide below. If you need more context on a particular issue,
   please ask in a comment or create a question in issues.

Code contributions

Branching Strategy

Starting with RAPIDS v25.12, cuOpt follows the new RAPIDS branching strategy. The main branch represents the latest development state and is the default target for all pull requests during the development phase. During release preparation, a release branch (release/YY.MM) is created from main and serves as the release branch.

Key points:

• Default branch: Always main (latest and greatest)
• During development phase: All PRs target main
• During burn down: A release branch release/YY.MM is created from main
  • PRs intended for the current release must be re-targeted to the release branch
  • PRs intended for the next release should continue targeting main
• Forward merging: PRs merged into the release branch are automatically forward-merged to main
• After release: Th...

Files:

• skills/cuopt-developer/SKILL.md
• skills/cuopt-developer/BENCHMARK.md
• skills/cuopt-developer/skill.oms.sig
• skills/cuopt-developer/skill-card.md

🪛 SkillSpector (2.2.3)

skills/cuopt-developer/SKILL.md

[warning] 73: [EA2] Autonomous Decision Making: Skill enables autonomous high-impact decisions without human-in-the-loop verification. Critical operations (destructive commands, financial transactions, data deletion) should require explicit user confirmation.

Remediation: Add human-in-the-loop confirmation for destructive, irreversible, or high-impact operations. Never auto-execute commands that modify files, send data, or alter system state.

(Excessive Agency (EA2))

---

[warning] 242: [PE2] Sudo/Root Execution: Commands invoke sudo or root privileges. Verify this elevated access is necessary and justified.

Remediation: Avoid sudo/root unless strictly required. Prefer least-privilege patterns. If elevation is needed, document the justification and scope.

(Privilege Escalation (PE2))

---

[warning] 36: [RA2] Session Persistence: Skill establishes unauthorized persistence across sessions via cron jobs, startup scripts, or state files. Session persistence allows an attacker to maintain access beyond the current interaction.

Remediation: Remove any persistence mechanisms (cron jobs, startup scripts, state files). Skills should not maintain state across sessions without explicit user consent.

(Rogue Agent (RA2))

---

[error] 38: [TM1] Tool Parameter Abuse: Tool parameters are crafted to achieve unintended or unsafe behavior. Parameter abuse can bypass intended safety checks (e.g. shell=True, --force, dangerous glob patterns).

Remediation: Validate all tool parameters against an allowlist. Reject dangerous parameter values (shell=True, --force, -rf /) and use safe defaults.

(Tool Misuse (TM1))

---

[error] 157: [TM1] Tool Parameter Abuse: Tool parameters are crafted to achieve unintended or unsafe behavior. Parameter abuse can bypass intended safety checks (e.g. shell=True, --force, dangerous glob patterns).

Remediation: Validate all tool parameters against an allowlist. Reject dangerous parameter values (shell=True, --force, -rf /) and use safe defaults.

(Tool Misuse (TM1))

---

[error] 171: [TM1] Tool Parameter Abuse: Tool parameters are crafted to achieve unintended or unsafe behavior. Parameter abuse can bypass intended safety checks (e.g. shell=True, --force, dangerous glob patterns).

Remediation: Validate all tool parameters against an allowlist. Reject dangerous parameter values (shell=True, --force, -rf /) and use safe defaults.

(Tool Misuse (TM1))

---

[error] 217: [TM1] Tool Parameter Abuse: Tool parameters are crafted to achieve unintended or unsafe behavior. Parameter abuse can bypass intended safety checks (e.g. shell=True, --force, dangerous glob patterns).

Remediation: Validate all tool parameters against an allowlist. Reject dangerous parameter values (shell=True, --force, -rf /) and use safe defaults.

(Tool Misuse (TM1))

---

[error] 39: [TM1] Tool Parameter Abuse: Tool parameters are crafted to achieve unintended or unsafe behavior. Parameter abuse can bypass intended safety checks (e.g. shell=True, --force, dangerous glob patterns).

Remediation: Validate all tool parameters against an allowlist. Reject dangerous parameter values (shell=True, --force, -rf /) and use safe defaults.

(Tool Misuse (TM1))

---

[error] 39: [TM1] Tool Parameter Abuse: Tool parameters are crafted to achieve unintended or unsafe behavior. Parameter abuse can bypass intended safety checks (e.g. shell=True, --force, dangerous glob patterns).

Remediation: Validate all tool parameters against an allowlist. Reject dangerous parameter values (shell=True, --force, -rf /) and use safe defaults.

(Tool Misuse (TM1))

📝 Walkthrough

Walkthrough

The cuOpt developer skill package was updated with revised documentation, refreshed benchmark values, and a replaced Sigstore bundle. One markdown file also gained a blank line.

Changes

cuOpt developer skill package

Layer / File(s)	Summary
Skill docs and benchmark skills/cuopt-developer/SKILL.md, skills/cuopt-developer/BENCHMARK.md, skills/cuopt-developer/skill-card.md	skill-card.md was rewritten with new use-case, requirements, output, and evaluation text; BENCHMARK.md updated the evaluation date and result metrics; SKILL.md gained one blank line.
Updated Sigstore bundle skills/cuopt-developer/skill.oms.sig	The DSSE payload and signature in the Sigstore bundle were replaced.

Estimated code review effort

🎯 2 (Simple) | ⏱️ ~10 minutes

Suggested reviewers

• mlubin
• tmckayus

🚥 Pre-merge checks | ✅ 5

✅ Passed checks (5 passed)

Check name	Status	Explanation
Title check	✅ Passed	The title accurately reflects the cuOpt developer skill update for the mathematical_optimization namespace refactor.
Description check	✅ Passed	The description matches the changes and explains the per-skill port plus NVSkills trigger.
Docstring Coverage	✅ Passed	No functions found in the changed files to evaluate docstring coverage. Skipping docstring coverage check.
Linked Issues check	✅ Passed	Check skipped because no linked issues were found for this pull request.
Out of Scope Changes check	✅ Passed	Check skipped because no linked issues were found for this pull request.

✨ Finishing Touches

🧪 Generate unit tests (beta)

• Create PR with unit tests
• Commit unit tests in branch skills/update-cuopt-developer-math-opt-namespace

---

_{Comment @coderabbitai help to get the list of available commands.}

[copy-pr-bot]

This pull request requires additional validation before any workflows can run on NVIDIA's runners.

Pull request vetters can view their responsibilities here.

Contributors can view more details about this message here.

[coderabbitai]

Actionable comments posted: 1

🤖 Prompt for all review comments with AI agents

Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

Inline comments:
In `@skills/cuopt-developer/skill-card.md`:
- Around line 17-19: The skill card’s Requirements/Dependencies section leaves
the API key or external credential requirement ambiguous, while the credential
types already indicate none are needed. Update the Requirements / Dependencies
entry in the skill-card content to make the credential requirement explicit by
using a clear “No” value, and keep the existing credential type summary aligned
with that explicit statement.

🪄 Autofix (Beta)

Fix all unresolved CodeRabbit comments on this PR:

• Push a commit to this branch (recommended)
• Create a new PR with the fixes

---

ℹ️ Review info

⚙️ Run configuration

Configuration used: Path: .coderabbit.yaml

Review profile: CHILL

Plan: Enterprise

Run ID: a7dbf797-c130-48b8-8d07-d222643d05ab

📥 Commits

Reviewing files that changed from the base of the PR and between 0549423 and 3fd6775.

📒 Files selected for processing (4)

• skills/cuopt-developer/BENCHMARK.md
• skills/cuopt-developer/SKILL.md
• skills/cuopt-developer/skill-card.md
• skills/cuopt-developer/skill.oms.sig

[coderabbitai]

🎯 Functional Correctness | 🟡 Minor | ⚡ Quick win

Make the credential requirement explicit.

Line 18 marks the requirement as unknown, but Line 19 already says no credential types were identified. Use an explicit No here so consumers do not treat the skill prerequisites as unresolved.

Suggested edit

-**Requires API Key or External Credential:** [Not Specified] <br>
+**Requires API Key or External Credential:** [No] <br>

📝 Committable suggestion

‼️ IMPORTANT
Carefully review the code before committing. Ensure that it accurately replaces the highlighted code, contains no missing lines, and has no issues with indentation. Thoroughly test & benchmark the code to ensure it meets the requirements.

Suggested change

	## Requirements / Dependencies: <br>
	**Requires API Key or External Credential:** [Not Specified] <br>
	**Credential Type(s):** [None identified] <br>
	## Requirements / Dependencies: <br>
	**Requires API Key or External Credential:** [No] <br>
	**Credential Type(s):** [None identified] <br>

🤖 Prompt for AI Agents

Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

In `@skills/cuopt-developer/skill-card.md` around lines 17 - 19, The skill card’s
Requirements/Dependencies section leaves the API key or external credential
requirement ambiguous, while the credential types already indicate none are
needed. Update the Requirements / Dependencies entry in the skill-card content
to make the credential requirement explicit by using a clear “No” value, and
keep the existing credential type summary aligned with that explicit statement.

[ramakrishnap-nv]

/ok to test 3fd6775