jetson-quick-start
Pass
Audited by Gen Agent Trust Hub on Jun 22, 2026
Risk Level: SAFEPROMPT_INJECTIONEXTERNAL_DOWNLOADS
Full Analysis
- [PROMPT_INJECTION]: The skill ingests data from local catalogue files and existing configuration profiles, creating an attack surface for indirect prompt injection if those files are tampered with. \n
- Ingestion points: The skill parses
../../references/bsp-platforms-catalogue.mdand readstarget-platform/*.yamlto construct questionnaire choices and survey current environment state. \n - Boundary markers: No explicit delimiters or isolation instructions are implemented to prevent the AI from following commands potentially embedded within the catalogue or configuration data. \n
- Capability inventory: The skill dispatches instructions to downstream tools that can perform sensitive hardware operations, including device flashing and file system mutations. \n
- Sanitization: While interactive UI responses are normalized, the data extracted from external catalogue files is parsed without explicit sanitization or filtering for embedded AI instructions. \n- [EXTERNAL_DOWNLOADS]: The skill retrieves software release metadata from the official NVIDIA Jetson Linux archive at
developer.nvidia.com. This is an expected and legitimate operation for a vendor-provided tool to provide up-to-date version options. \n- [SAFE]: The skill package contains a digital signature bundle (skill.oms.sig), ensuring that the instructions and associated files originate from the verified vendor and have not been altered in transit.
Audit Metadata