nutrient-openclaw
Pass
Audited by Gen Agent Trust Hub on Mar 1, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill installs the official
@nutrient-sdk/nutrient-openclawpackage from the NPM registry. This is a legitimate dependency provided by the service vendor for integrating with their API. - [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection because it processes content from external, potentially untrusted documents (PDF, DOCX, etc.) during OCR and text extraction tasks.
- Ingestion points: Document files uploaded by users or fetched from URLs are passed to tools like
nutrient_extract_textandnutrient_ocrfor processing. - Boundary markers: The skill metadata does not specify the use of delimiters or 'ignore' instructions to separate extracted document content from the agent's core instructions.
- Capability inventory: The skill possesses the ability to read file content and transmit it to a third-party API (
nutrient.io) for transformation and extraction. - Sanitization: No explicit sanitization or filtering of the extracted text is described before it is returned to the agent's context.
Audit Metadata