novita-sandbox

Pass

Audited by Gen Agent Trust Hub on Mar 29, 2026

Risk Level: SAFE
Findings: COMMAND_EXECUTION, EXTERNAL_DOWNLOADS, PROMPT_INJECTION, REMOTE_CODE_EXECUTION
Full Analysis
  • [EXTERNAL_DOWNLOADS]: Fetches skill definition files and CLI references from the author's official GitHub repository (novitalabs/novita-skills).
  • [COMMAND_EXECUTION]: Executes shell commands to install the novita-sandbox-cli via NPM and uses system package managers to configure the local Node.js environment.
  • [REMOTE_CODE_EXECUTION]: Employs the official NodeSource installation script to configure Node.js on Linux systems, which is a standard practice for development environments.
  • [PROMPT_INJECTION]: The skill has an indirect prompt injection surface because it processes output from remote agents via the agent invoke command.
    • Ingestion points: Remote agent response data received from novita-sandbox-cli agent invoke (SKILL.md).
    • Boundary markers: No specific delimiters or instructions are provided to the agent to ignore potentially malicious content within the remote agent's response.
    • Capability inventory: Extensive system and platform management capabilities including sandbox create, sandbox kill, and template delete (SKILL.md and references/cli-reference.md).
    • Sanitization: No sanitization or validation of the remote agent's response is performed before it enters the local agent's context.
Audit Metadata
Risk Level: SAFE
Analyzed: Mar 29, 2026, 05:29 PM