nanoclaw-repl
Pass
Audited by Gen Agent Trust Hub on Mar 5, 2026
Risk Level: SAFENO_CODEPROMPT_INJECTION
Full Analysis
- [NO_CODE]: The skill file provided (SKILL.md) contains only markdown documentation, capabilities descriptions, and operating rules. It references an external script (scripts/claw.js) but does not include any executable scripts, code, or binary files itself.
- [PROMPT_INJECTION]: The skill operates as a session-aware REPL that processes user inputs and supports a /load command for dynamic skill loading, creating a surface for indirect prompt injection if malicious instructions are present in the processed data. 1. Ingestion points: User interaction sessions and external files loaded via the /load command as described in the metadata. 2. Boundary markers: No specific delimiters or warnings to ignore embedded instructions are defined in the markdown content. 3. Capability inventory: Support for persistent sessions, model switching, dynamic loading, and file exports. 4. Sanitization: No content validation, escaping, or filtering logic is specified in the provided documentation.
Audit Metadata