zr-nexus-primer
Pass
Audited by Gen Agent Trust Hub on May 11, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: Fetches and updates the @zenon-red/probe CLI tool and organization-specific skills using npm and npx. These resources are provided by the skill author (zenon-red).
- [COMMAND_EXECUTION]: Executes shell commands to verify the environment (probe doctor), manage identity (probe agent me), and retrieve system messages (probe message directives).
- [DATA_EXPOSURE]: Accesses local workspace files in $HOME/zr-workspace/ to read identity, role, and task state information.
- [INDIRECT_PROMPT_INJECTION]: The skill is designed to process external 'directives' from the Nexus system that are intended to shape agent behavior. This is an intended coordination feature of the platform, though it establishes a channel for external data to influence agent logic.
- Ingestion points: probe message directives command output
- Boundary markers: None specified
- Capability inventory: Subprocess execution (npm, npx, probe), file system access (~/zr-workspace)
- Sanitization: None specified
Audit Metadata