nemoclaw-user-configure-security

Pass

Audited by Gen Agent Trust Hub on Jun 18, 2026

Risk Level: SAFENO_CODE
Full Analysis
  • [SAFE]: The skill consists exclusively of reference documents, metadata, and evaluation reports. It contains no executable scripts, shell commands, or active logic that could be abused.
  • [PROMPT_INJECTION]: Documentation in references/openclaw-controls.md mentions prompt injection patterns such as "ignore all previous instructions" within a table describing system detection capabilities. This is purely educational documentation and does not constitute a functional injection attack.
  • [DATA_EXFILTRATION]: Technical documentation in references/best-practices.md analyzes data exfiltration risks in the context of network policy configuration. These descriptions are part of a risk framework intended to help users justify and maintain a secure posture.
  • [CREDENTIALS_UNSAFE]: The documentation in references/credential-storage.md describes secure credential management practices, such as storing secrets in the OpenShell gateway instead of on disk. No hardcoded credentials or unsafe secret handling instructions were identified.
Audit Metadata
Risk Level
SAFE
Analyzed
Jun 18, 2026, 04:36 PM
Security Audit — agent-trust-hub — nemoclaw-user-configure-security