nemoclaw-maintainer-normalize-title-tags

Pass

Audited by Gen Agent Trust Hub on Jun 18, 2026

Risk Level: SAFE
Full Analysis
  • [COMMAND_EXECUTION]: The skill executes the GitHub CLI (gh) and a local TypeScript script using execFileSync. This method is secure as it avoids shell interpolation and correctly handles arguments as an array.
  • [DATA_EXFILTRATION]: The skill interacts with the official GitHub API to read and update issue titles. This behavior is restricted to the intended maintenance task and targets the specified repository (NVIDIA/NemoClaw by default).
  • [SAFE]: The code implements a strict workflow including a verification step (gh auth status), a mandatory dry-run preview, and explicit user approval before applying any changes to the repository.
Audit Metadata
Risk Level
SAFE
Analyzed
Jun 18, 2026, 05:27 AM
Security Audit — agent-trust-hub — nemoclaw-maintainer-normalize-title-tags