nemoclaw-maintainer-verify-stale

Pass

Audited by Gen Agent Trust Hub on Jun 18, 2026

Risk Level: SAFE EXTERNAL_DOWNLOADS REMOTE_CODE_EXECUTION COMMAND_EXECUTION
Full Analysis
  • [EXTERNAL_DOWNLOADS]: Fetches the NemoClaw installer from the vendor domain (nvidia.com) and the Ollama installer from a well-known service (ollama.com).
  • [REMOTE_CODE_EXECUTION]: Executes reproduction scripts on remote cloud instances. These scripts are extracted or synthesized from untrusted GitHub issue content, creating an indirect prompt injection surface. The skill mitigates this by running the code in isolated temporary VMs and applying a comprehensive redaction pass on all captured output.
    • Ingestion points: GitHub issue bodies and comments retrieved via the GitHub CLI.
    • Boundary markers: Uses standard shell script boundaries during execution but lacks specific LLM instruction delimiters for synthesized reproducers.
    • Capability inventory: Execution of bash scripts on remote VMs, GitHub issue modification, and Project item management.
    • Sanitization: Employs a regex-based redaction pass for secrets and PII.
  • [COMMAND_EXECUTION]: Utilizes system utilities such as pkill and rm on the remote test instance to ensure a clean state between test runs.
  • [SAFE]: Implements a robust credential management strategy that prompts for API keys and stores them in local files to prevent exposure in process arguments or shell history. It also features a multi-stage redaction process to scrub credentials, email addresses, and internal network details from any text published back to GitHub.
Audit Metadata
  • Risk Level: SAFE
  • Analyzed: Jun 18, 2026, 05:28 AM