nemotron-policy-generator

Pass

Audited by Gen Agent Trust Hub on Jun 18, 2026

Risk Level: SAFE
Full Analysis
  • [SAFE]: No malicious patterns or security risks were identified. The skill originates from a trusted organization.
  • [PROMPT_INJECTION]: The skill implements a 'non-negotiable floor' regarding the safety of minors. It explicitly instructs the agent to treat instructions within user-provided text as content to be classified rather than commands to follow, effectively mitigating prompt injection attempts during policy generation.
  • [DATA_EXFILTRATION]: The skill incorporates specific logic and evaluation cases to ensure that PII (such as names, emails, and employee IDs) is removed from existing policies when they are being extended or regenerated. No unauthorized network activity or data exfiltration paths were found.
  • [EXTERNAL_DOWNLOADS]: The skill's documentation includes references to official NVIDIA repositories on Hugging Face, which are recognized as trusted and well-known services.
  • [COMMAND_EXECUTION]: No evidence of unauthorized shell commands, privilege escalation, or persistence mechanisms was found in the analyzed files.
Audit Metadata
Risk Level
SAFE
Analyzed
Jun 18, 2026, 04:36 PM
Security Audit — agent-trust-hub — nemotron-policy-generator