nx-tools
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFE | COMMAND_EXECUTION | PROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION] (SAFE): The skill executes local Nx commands using secure subprocess patterns.
  - Evidence: All handlers in `nx.py` use `subprocess.run` with argument lists (tuples) instead of shell strings.
  - Mitigation: This prevents shell injection attacks where an attacker might try to run additional commands using shell syntax like `;` or `&&`.
- [PROMPT_INJECTION] (LOW): The skill exposes a surface for indirect prompt injection by reading workspace configuration and command outputs.
  - Ingestion points: Workspace metadata from `nx show` and command results from `nx run-many` (found in `nx.py`).
  - Boundary markers: The skill does not use specific delimiters or instructions to ignore nested commands in the workspace data.
  - Capability inventory: The skill has the ability to execute various shell-based commands through its command handlers.
  - Sanitization: No sanitization is performed on the data retrieved from the workspace. This is a common surface for workspace tools and is considered a low risk for this use case.