Skills
skills/kylefu8/nuwa-openclaw-skill/nuwa/Gen Agent Trust Hub

nuwa

Pass

Audited by Gen Agent Trust Hub on Apr 6, 2026

Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONREMOTE_CODE_EXECUTION
Full Analysis
  • [EXTERNAL_DOWNLOADS]: The scripts/search.sh script performs automated installation of the ddgs and trafilatura Python packages from PyPI using pip3 install if they are not detected on the system.
  • [COMMAND_EXECUTION]: The skill executes a local shell script (scripts/search.sh) to handle web searching and content extraction tasks when the primary Tavily API is unavailable.
  • [REMOTE_CODE_EXECUTION]: The search.sh script executes inline Python code using python3 -c to process search results and extract webpage content.
  • [INDIRECT_PROMPT_INJECTION]: The skill has a high exposure to indirect prompt injection as it is designed to ingest and process content from social media, blogs, and other web sources to generate its output.
  • Ingestion points: Web content fetched via Tavily, DuckDuckGo, and the trafilatura library.
  • Boundary markers: The skill uses markdown blockquotes (>) to separate original quotes from its own analysis in intermediate files.
  • Capability inventory: The skill has the ability to execute shell scripts, spawn sub-agents, and use browser automation tools.
  • Sanitization: No specific mechanisms are implemented to sanitize or filter potential malicious instructions embedded in the crawled web data.
Audit Metadata
Risk Level
SAFE
Analyzed
Apr 6, 2026, 04:02 PM