nemoclaw-user-manage-sandboxes

Pass

Audited by Gen Agent Trust Hub on Jun 18, 2026

Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTION
Full Analysis
  • [EXTERNAL_DOWNLOADS]: The skill references shell scripts hosted on official NVIDIA domains (nvidia.com/nemoclaw.sh) and GitHub repositories (github.com/NVIDIA/NemoClaw/...) for platform installation, maintenance, and uninstallation. These resources are from a trusted vendor and the skill's author.
  • [COMMAND_EXECUTION]: Documentation includes various CLI commands for the nemoclaw and openshell tools to perform health checks, log streaming, diagnostic collection, and sandbox rebuilding.
  • [SAFE]: The skill describes the management of sensitive messaging tokens (Telegram, Discord, Slack, etc.) by storing them in a host-side credential file (~/.nemoclaw/credentials.json) and resolving them via OpenShell providers, which prevents secret exposure within sandbox images.
  • [PROMPT_INJECTION]: The agent is designed to ingest and process user-configurable workspace files (e.g., SOUL.md, USER.md) located at /sandbox/.openclaw/workspace/ to define its persona and memory. This is a standard functional surface for indirect prompt injection if those files are modified by untrusted entities.
Audit Metadata
Risk Level
SAFE
Analyzed
Jun 18, 2026, 05:27 AM
Security Audit — agent-trust-hub — nemoclaw-user-manage-sandboxes