nemoclaw-user-manage-policy

Pass

Audited by Gen Agent Trust Hub on Jun 18, 2026

Risk Level: SAFECOMMAND_EXECUTIONREMOTE_CODE_EXECUTIONPROMPT_INJECTIONEXTERNAL_DOWNLOADS
Full Analysis
  • [COMMAND_EXECUTION]: The skill guides the agent to execute administrative commands via the nemoclaw and openshell CLI tools to modify network policies, manage messaging channels, and perform network probes (e.g., using node -e). These operations are used to manage the security posture of the sandbox environment.
  • [REMOTE_CODE_EXECUTION]: Documentation in references/approve-network-requests.md references a local script file (./scripts/walkthrough.sh). This script is not included in the provided skill files, preventing static verification of its content.
  • [PROMPT_INJECTION]: The skill allows the agent to process and apply "Custom Preset Files" (YAML format) from the local filesystem. This constitutes an indirect prompt injection surface as the agent is instructed to ingest and enforce configuration from external files that could be maliciously crafted. Mandatory Evidence Chain: 1. Ingestion points: nemoclaw-blueprint/policies/presets/ (user-authored YAML files). 2. Boundary markers: Absent. 3. Capability inventory: Command execution (nemoclaw, openshell), file writing and editing. 4. Sanitization: No sanitization or validation of the YAML content is described.
  • [EXTERNAL_DOWNLOADS]: The skill facilitates configuring network access to numerous well-known third-party services, such as GitHub, npm, PyPI, and various messaging platforms (Slack, Discord, Telegram). These references are documented neutrally as they target established technology providers.
Audit Metadata
Risk Level
SAFE
Analyzed
Jun 18, 2026, 04:35 PM
Security Audit — agent-trust-hub — nemoclaw-user-manage-policy