nvr-workspace
Pass
Audited by Gen Agent Trust Hub on Feb 28, 2026
Risk Level: SAFE (COMMAND_EXECUTION, PROMPT_INJECTION)
Full Analysis
- [COMMAND_EXECUTION]: The skill executes system commands such as pwd, git, and nvr to collect environment metadata. It also invokes a local script, nvr-discover, to identify active Neovim instances. These operations are essential for the skill's stated purpose of workspace discovery.
- [PROMPT_INJECTION]: The skill presents an attack surface for indirect prompt injection by processing data from the local environment without sanitization.
  * Ingestion points: Data is captured from the filesystem (pwd) and version control (git branch) and directly included in the agent's context.
  * Boundary markers: No delimiters or protective instructions are used to separate environment data from system instructions.
  * Capability inventory: The skill is authorized to use the Bash tool, which provides extensive system interaction capabilities.
  * Sanitization: There is no validation or escaping of environment strings, allowing potential instructions embedded in paths or branch names to be interpreted by the agent.
Audit Metadata