hsb-setup
Warn
Audited by Gen Agent Trust Hub on Jun 18, 2026
Risk Level: MEDIUMCREDENTIALS_UNSAFEEXTERNAL_DOWNLOADSREMOTE_CODE_EXECUTIONCOMMAND_EXECUTIONDATA_EXFILTRATION
Full Analysis
- [REMOTE_CODE_EXECUTION]: The skill uses SSH heredoc patterns to execute large blocks of code and scripts on remote devkits. It also downloads and runs build scripts (
docker/build.sh) from an external GitHub repository. - [CREDENTIALS_UNSAFE]: The skill interacts with highly sensitive files, including
~/.ssh/authorized_keysand~/.docker/config.json. Specifically, it contains logic to propagate the current user's Docker credentials to every human user account on the target system. - [COMMAND_EXECUTION]: The skill makes extensive use of the
Bashtool to run privileged commands viasudo. This includes modifying system configuration files (/etc/sysctl.d/), creating systemd services (jetson_clocks.service), and adding multiple users to thedockergroup, which is a known vector for privilege escalation. - [EXTERNAL_DOWNLOADS]: The skill clones and pulls code from a remote repository (
nvidia-holoscan/holoscan-sensor-bridge.git). While originating from a well-known organization, executing unverified code from external sources carries inherent supply-chain risks. - [DATA_EXFILTRATION]: The skill's ability to read credential files and system configuration, combined with its usage of network-enabled tools like
sshandgit, creates a technical surface for potential data exfiltration.
Audit Metadata