code-manage-nix
Pass
Audited by Gen Agent Trust Hub on Mar 3, 2026
Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill executes system commands including 'nix-locate', 'nix-shell', and 'nix flake check' to manage and verify environment configurations. These operations are performed via Bash as described in SKILL.md and SUBAGENT.md.- [EXTERNAL_DOWNLOADS]: The skill identifies and integrates external dependencies from the Nixpkgs repository into the local project environment. This involves fetching package metadata and potentially downloading software packages during the verification step ('nix-shell').- [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection as it processes untrusted data from user input and web search results to modify configuration files.
- Ingestion points: User-provided package names and WebSearch/code-researcher results (SKILL.md, SUBAGENT.md).
- Boundary markers: Absent; the process does not use delimiters to isolate untrusted package names from the Nix configuration logic.
- Capability inventory: File modification ('write_file', 'replace') and command execution ('nix-shell', 'nix-locate') are used to apply and test the injected content.
- Sanitization: Absent; the skill relies on simple verification ('nix flake check') which executes the resulting configuration to check for errors.
Audit Metadata