nushell-usage
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTION
Full Analysis
- [EXTERNAL_DOWNLOADS] (LOW): The file
references/advanced-patterns.mdcontains multiple examples of network operations using the built-inhttp getcommand and thecurlutility to fetch data from URLs. \n- [COMMAND_EXECUTION] (LOW): Documentation inreferences/advanced-patterns.mddemonstrates the execution of external system commands, specificallycurl, to handle network failures in a 'robust-fetch' pattern. \n- [Indirect Prompt Injection] (LOW): The skill documents patterns for ingesting untrusted data from external sources (URLs) and processing it through functions likefrom json. This represents an attack surface for indirect prompt injection. \n - Ingestion points:
http get $urlandcurl -s $urlpatterns inreferences/advanced-patterns.md. \n - Boundary markers: None present in the code examples. \n
- Capability inventory: Network access (
http get,curl), file system writing (save-to-file), and parallel execution (par-each). \n - Sanitization: No explicit sanitization or input validation logic is shown in the provided examples.
Audit Metadata