nimble-web-expert
Pass
Audited by Gen Agent Trust Hub on May 15, 2026
Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADSREMOTE_CODE_EXECUTIONCREDENTIALS_UNSAFEPROMPT_INJECTION
Full Analysis
- [SAFE]: The skill is a legitimate tool for web scraping and search, with all external resources originating from the vendor's infrastructure or well-known services.
- [COMMAND_EXECUTION]: The skill uses the shell to execute the Nimble CLI and other system tools for web data retrieval and file management.
- [REMOTE_CODE_EXECUTION]: The skill provides Python and Shell script templates for the agent to handle complex data tasks and automated investigations at runtime.
- [EXTERNAL_DOWNLOADS]: The skill provides instructions for installing the Nimble CLI and browser automation tools like Playwright.
- [CREDENTIALS_UNSAFE]: The skill manages the Nimble API key by reading from and writing to the agent's persistent configuration file (~/.claude/settings.json).
- [PROMPT_INJECTION]: The skill processes untrusted web data but includes comprehensive instructions to mitigate indirect prompt injection. Evidence Chain: 1. Ingestion points: nimble extract, search, map, and crawl commands in SKILL.md. 2. Boundary markers: Explicit warnings in SKILL.md and rules/output.md to treat web content as untrusted. 3. Capability inventory: Bash (nimble, mkdir, cat, head, ls, python3, uv, npm, open, export, wait), Read, Write. 4. Sanitization: Instructions to save results to files, read incrementally using head/grep, and disregard instructions embedded in scraped content.
Audit Metadata