nim-operator-install
Pass
Audited by Gen Agent Trust Hub on Jun 20, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill performs legitimate cluster management operations as described in its documentation. No malicious patterns, obfuscation, or unauthorized data exfiltration were detected.
- [COMMAND_EXECUTION]: The skill uses standard CLI tools (`kubectl`, `helm`) to interact with the Kubernetes cluster. These operations are restricted to discovery and deployment tasks consistent with the skill's purpose. The instructions explicitly mandate user confirmation for all mutating commands.
- [EXTERNAL_DOWNLOADS]: The skill references the official NVIDIA Helm repository at `https://helm.ngc.nvidia.com/nvidia`. As this is a well-known service belonging to the vendor (NVIDIA), it is considered a safe source for fetching deployment charts.
- [INDIRECT_PROMPT_INJECTION]: The skill ingests data from the Kubernetes environment (e.g., node list, pod status, and CRD presence) using discovery commands. While this data could theoretically be manipulated by a malicious actor already present in the cluster to influence the agent, the skill mitigates this risk by requiring the user to review and approve all subsequent installation or upgrade commands.
  - Ingestion points: Cluster discovery commands in `SKILL.md` and `scripts/validate-nim-operator-install.sh` (e.g., `kubectl get nodes`, `helm status`).
  - Boundary markers: The 'Safety Contract' in `SKILL.md` serves as a procedural boundary by requiring user review before any action.
  - Capability inventory: Resource modification via `helm upgrade --install` and `kubectl apply` in `SKILL.md`.
  - Sanitization: Standard CLI command construction with user review checkpoints.
Audit Metadata