nemoclaw-maintainer-triage

Pass

Audited by Gen Agent Trust Hub on Apr 14, 2026

Risk Level: SAFE PROMPT_INJECTION COMMAND_EXECUTION
Full Analysis
  • [PROMPT_INJECTION]: The skill is susceptible to Indirect Prompt Injection because it ingests untrusted data from GitHub issue and PR titles/bodies to generate suggestions.
      • Ingestion points: External content is fetched via gh issue view and gh pr view in SKILL.md.
      • Boundary markers: There are no explicit instruction-delimiters used when the agent processes the fetched content, though a logical human-in-the-loop checkpoint is required for execution.
      • Capability inventory: The skill has the capability to write to the repository via gh issue/pr edit (labels) and gh issue/pr comment (comments), and it appends logs to a local file system path.
      • Sanitization: No automated sanitization of the fetched GitHub content is performed; the skill relies entirely on the user to review suggestions before approval.
  • [COMMAND_EXECUTION]: The skill utilizes standard system tools and the GitHub CLI to perform its functions.
      • Uses cat to read local documentation (docs/triage-instructions.md).
      • Uses gh to interact with the NVIDIA/NemoClaw repository for both reading and writing.
      • Uses jq for processing JSON data returned by the GitHub API.
      • These commands are consistent with the stated purpose of the skill and the author's context.
Audit Metadata
Risk Level: SAFE
Analyzed: Apr 14, 2026, 11:35 PM