generate-sandbox-policy

Pass

Audited by Gen Agent Trust Hub on May 6, 2026

Risk Level: SAFE
Finding tag: PROMPT_INJECTION
Full Analysis
  • [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection because it retrieves and parses content from external URLs and uses that content to generate security-sensitive configurations.
  • Ingestion points: User-provided URLs and URLs discovered via WebSearch are fetched to extract API endpoint information as described in Step 1 and Step 2 of SKILL.md.
  • Boundary markers: The instructions do not specify the use of clear delimiters or instructions to ignore embedded commands when processing the fetched documentation.
  • Capability inventory: The skill can create and modify security policy files on the filesystem (SKILL.md Step 7); these files directly control network access permissions.
  • Sanitization: There are no explicit instructions to sanitize or validate the content of the fetched documentation before it is parsed for policy generation.
Audit Metadata
Risk Level: SAFE
Analyzed: May 6, 2026, 08:13 AM