nemoclaw-maintainer-release-notes

Pass

Audited by Gen Agent Trust Hub on Jun 18, 2026

Risk Level: SAFE
COMMAND_EXECUTION, EXTERNAL_DOWNLOADS, PROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill invokes git and gh commands to inspect repository tags and retrieve metadata. These commands are necessary for the skill's primary function and are correctly scoped to the official NemoClaw repository.
  • [EXTERNAL_DOWNLOADS]: Release data and contributor membership status are fetched via the GitHub API. These network operations are conducted against a well-known service and the vendor's own organization infrastructure, which is consistent with the skill's purpose.
  • [PROMPT_INJECTION]: The skill processes untrusted input from pull request titles and descriptions when generating summaries, presenting a surface for indirect prompt injection. This risk is managed by the skill's design, which generates a static Markdown draft for manual maintainer verification rather than executing commands derived from the PR content.
      • Ingestion points: PR metadata (titles, bodies, authors) retrieved via gh pr view as described in Step 2 of SKILL.md.
      • Boundary markers: None specified in the instructions.
      • Capability inventory: Shell command execution (git, gh, sed, printf) and local filesystem writes for draft creation.
      • Sanitization: No explicit sanitization or escaping of pull request content is performed prior to interpolation into the draft.
Audit Metadata
Risk Level: SAFE
Analyzed: Jun 18, 2026, 05:27 AM