jetson-quick-start

Pass

Audited by Gen Agent Trust Hub on Jun 22, 2026

Risk Level: SAFEPROMPT_INJECTIONEXTERNAL_DOWNLOADS
Full Analysis
  • [PROMPT_INJECTION]: The skill ingests data from local catalogue files and existing configuration profiles, creating an attack surface for indirect prompt injection if those files are tampered with. \n
  • Ingestion points: The skill parses ../../references/bsp-platforms-catalogue.md and reads target-platform/*.yaml to construct questionnaire choices and survey current environment state. \n
  • Boundary markers: No explicit delimiters or isolation instructions are implemented to prevent the AI from following commands potentially embedded within the catalogue or configuration data. \n
  • Capability inventory: The skill dispatches instructions to downstream tools that can perform sensitive hardware operations, including device flashing and file system mutations. \n
  • Sanitization: While interactive UI responses are normalized, the data extracted from external catalogue files is parsed without explicit sanitization or filtering for embedded AI instructions. \n- [EXTERNAL_DOWNLOADS]: The skill retrieves software release metadata from the official NVIDIA Jetson Linux archive at developer.nvidia.com. This is an expected and legitimate operation for a vendor-provided tool to provide up-to-date version options. \n- [SAFE]: The skill package contains a digital signature bundle (skill.oms.sig), ensuring that the instructions and associated files originate from the verified vendor and have not been altered in transit.
Audit Metadata
Risk Level
SAFE
Analyzed
Jun 22, 2026, 08:45 PM
Security Audit — agent-trust-hub — jetson-quick-start