nasa-earthdata
Pass
Audited by Gen Agent Trust Hub on Apr 6, 2026
Risk Level: SAFE
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill facilitates downloading scientific datasets from verified NASA domains, including
urs.earthdata.nasa.gov,goldsmr4.gesdisc.eosdis.nasa.gov, andcmr.earthdata.nasa.gov. These are well-known and trusted government scientific services. - [CREDENTIALS_UNSAFE]: Documentation provides clear guidance on secure authentication. It appropriately recommends the use of
.netrcfiles with restricted permissions and employs generic placeholders (e.g., 'your_username') for all credential examples. - [DATA_EXFILTRATION]: While the skill involves network operations, all communication is directed toward official NASA infrastructure for the purpose of retrieving atmospheric data. No patterns suggesting the exfiltration of sensitive local information were detected.
- [COMMAND_EXECUTION]: The skill suggests the use of standard system commands (
chmod 600) to secure local credential files, which aligns with security best practices for protecting sensitive configuration data.
Audit Metadata