nemoclaw-user-configure-inference

Pass

Audited by Gen Agent Trust Hub on Jun 18, 2026

Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONREMOTE_CODE_EXECUTION
Full Analysis
  • [EXTERNAL_DOWNLOADS]: The skill directs users to download and install Ollama from its official domain (ollama.com) and pulls Docker container images from the NVIDIA Container Registry (nvcr.io). These are well-known and trusted sources.
  • [COMMAND_EXECUTION]: The instructions include several shell commands for system configuration, such as using 'sudo' to update firewall rules (ufw) and install system packages (apt-get). It also uses 'docker exec' and 'kubectl' to manage configuration files within the agent sandbox environment. These operations are standard for the described administrative tasks.
  • [REMOTE_CODE_EXECUTION]: The skill references the official Ollama installation method, which involves piping a remote script to the shell ('https://ollama.com/install.sh | bash'). This is a recognized installation pattern for this specific well-known service.
  • [CREDENTIALS_UNSAFE]: The documentation mentions various API key environment variables (e.g., NVIDIA_API_KEY, OPENAI_API_KEY). It correctly instructs users to set these via environment variables or stdin rather than hardcoding them in files, and uses descriptive placeholders for examples.
Audit Metadata
Risk Level
SAFE
Analyzed
Jun 18, 2026, 04:35 PM
Security Audit — agent-trust-hub — nemoclaw-user-configure-inference