holoscan-install-conda
Fail
Audited by Gen Agent Trust Hub on Jun 18, 2026
Risk Level: HIGHREMOTE_CODE_EXECUTIONEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [REMOTE_CODE_EXECUTION]: Downloads a Miniforge installation script from the well-known conda-forge GitHub repository and executes it via bash to establish the Conda environment.
- [EXTERNAL_DOWNLOADS]: Fetches example Python scripts and YAML configurations from the official NVIDIA Holoscan GitHub repository to verify the SDK installation.
- [COMMAND_EXECUTION]: Executes system diagnostics like
nvidia-smiand runtime configurations such asulimit. It also instructs the agent to suggest or perform modifications to shell configuration files (e.g.,.bashrc) to persist the Conda environment setup across sessions. - [PROMPT_INJECTION]: The skill directs the agent to retrieve instructions from an external documentation site (
docs.nvidia.com) and explicitly states that instructions from that site should take precedence over the skill's own content. This creates a surface for indirect prompt injection if the external documentation content is modified. - Ingestion points: The Holoscan SDK installation guide at docs.nvidia.com referenced in Step 0 of SKILL.md.
- Boundary markers: Absent; there are no specific delimiters to isolate the external instructions from the agent's core logic.
- Capability inventory: The skill has the capability to execute shell commands, manage Conda environments, and write files in the local workspace.
- Sanitization: Absent; the agent is instructed to follow the external content without prior validation or filtering.
Recommendations
- HIGH: Downloads and executes remote code from: https://github.com/conda-forge/miniforge/releases/latest/download/Miniforge3-Linux-x86_64.sh - DO NOT USE without thorough review
Audit Metadata