generate-sandbox-policy

Pass

Audited by Gen Agent Trust Hub on May 14, 2026

Risk Level: SAFE
Full Analysis
  • [SAFE]: No malicious patterns were detected. The skill is a legitimate developer tool designed to enhance security by creating restrictive network policies.
  • [PROMPT_INJECTION]: The skill maintains an indirect prompt injection surface as it is designed to fetch and process external data to inform policy generation.
  • Ingestion points: The skill uses WebFetch to download API documentation from external URLs during the auto-discovery process (documented in Step 2 of SKILL.md).
  • Boundary markers: There are no explicit instructions to use delimiters or ignore embedded instructions within the fetched external documentation.
  • Capability inventory: The skill has the capability to read, create, and modify policy files (e.g., sandbox-policy.yaml) as described in Step 7 of SKILL.md.
  • Sanitization: The instructions do not specify a requirement for the agent to sanitize or validate the content of the retrieved documentation before processing it.
Audit Metadata
  • Risk Level: SAFE
  • Analyzed: May 14, 2026, 07:47 AM
Security Audit — agent-trust-hub — generate-sandbox-policy