node-connect
Pass
Audited by Gen Agent Trust Hub on Mar 14, 2026
Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill uses local CLI tools including openclaw and tailscale to retrieve connectivity configuration and manage device approvals. These commands are diagnostic in nature and relevant to the skill's purpose.
- [PROMPT_INJECTION]: The skill ingests user-provided error messages, which presents an indirect prompt injection surface. Ingestion points: User-provided error text and status reports (SKILL.md). Boundary markers: No explicit delimiters or ignore instructions are present. Capability inventory: Local execution of openclaw and tailscale commands, including pairing approval (SKILL.md). Sanitization: No input sanitization or validation is specified.
Audit Metadata