Skills
skills/novitalabs/novita-skills/novita-docs/Gen Agent Trust Hub

novita-docs

Pass

Audited by Gen Agent Trust Hub on Feb 25, 2026

Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
  • [EXTERNAL_DOWNLOADS]: The skill fetches supplemental reference documentation from the author's GitHub repository (novitalabs/novita-skills) to provide up-to-date guidance.
  • [COMMAND_EXECUTION]: Instructions guide users to install and use vendor-specific libraries (novita-sandbox) and CLI tools (novita-sandbox-cli) for interacting with the platform.
  • [PROMPT_INJECTION]: The skill utilizes a remote-loading architecture for its documentation, which introduces an indirect prompt injection surface.
  • Ingestion points: SKILL.md directs the agent to fetch markdown files from raw.githubusercontent.com/novitalabs/novita-skills/.
  • Boundary markers: No specific delimiters or safety instructions are used when interpolating the fetched content into the prompt context.
  • Capability inventory: The skill facilitates the generation of API requests, SSH commands, and code execution blocks for the user.
  • Sanitization: The skill relies on the content hosted in the remote repository and does not perform secondary validation of the fetched text.
Audit Metadata
Risk Level
SAFE
Analyzed
Feb 25, 2026, 12:19 PM