nemoclaw-maintainer-security-code-review
Pass
Audited by Gen Agent Trust Hub on Apr 14, 2026
Risk Level: SAFE [PROMPT_INJECTION] [EXTERNAL_DOWNLOADS]
Full Analysis
- [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection due to its core function of analyzing external, untrusted code.
  - Ingestion points: The skill reads the full content of changed files and git diffs from GitHub repositories in Step 4 of SKILL.md.
  - Boundary markers: Absent; there are no instructions or delimiters defined to separate untrusted code from the agent's instructions or to command the agent to ignore instructions found within the code changes.
  - Capability inventory: The skill utilizes the GitHub CLI (gh) and git to clone repositories and manage branches (SKILL.md).
  - Sanitization: Absent; the skill does not perform any validation or sanitization on the external content before it is processed.
- [EXTERNAL_DOWNLOADS]: Fetches source code and pull request metadata from GitHub's infrastructure using the gh CLI. This operation targets a well-known service and is a prerequisite for the skill's intended purpose of performing code reviews.