earth2studio-data-fetch

Pass

Audited by Gen Agent Trust Hub on Jun 18, 2026

Risk Level: SAFE
Full Analysis
  • [EXTERNAL_DOWNLOADS]: The skill instructs the agent to fetch documentation and lexicon files from NVIDIA's official GitHub repository (github.com/NVIDIA/earth2studio) and documentation site (nvidia.github.io). These resources are used to ensure the generated scripts use correct and up-to-date API signatures and variables.
  • [PROMPT_INJECTION]: The skill exhibits an indirect prompt injection surface as it processes external content from remote URLs to guide its behavior.
  • Ingestion points: Documentation pages and Python lexicon files retrieved from GitHub and NVIDIA's documentation domains.
  • Boundary markers: None specified; the agent is directed to treat fetched content as the source of truth.
  • Capability inventory: The skill identifies data sources and generates Python code for execution.
  • Sanitization: No explicit sanitization or validation of the remote content's instructions is performed.
  • [SAFE]: No malicious patterns such as credential exfiltration, obfuscation, or unauthorized command execution were detected. The skill's behavior is consistent with its primary purpose and leverages well-known, trusted organizational resources.
Audit Metadata
Risk Level
SAFE
Analyzed
Jun 18, 2026, 04:34 PM
Security Audit — agent-trust-hub — earth2studio-data-fetch