feature-flags

Pass

Audited by Gen Agent Trust Hub on Mar 17, 2026

Risk Level: SAFE
COMMAND_EXECUTION, DATA_EXFILTRATION, PROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill implements dynamic regular expression compilation for flag targeting rules.
  • Evidence: new RegExp(v).test(attributeValue) in FeatureFlagService.evaluateTargeting (SKILL.md).
  • Risk: If flag configuration values are sourced from untrusted inputs, the dynamically compiled patterns expose the service to ReDoS (regular expression denial of service).
  • [DATA_EXFILTRATION]: Implementation patterns perform network requests to computed endpoints retrieved from configuration.
  • Evidence: fetch(variant.healthEndpoint) in InfrastructureFlagService and fetch(modelVariant.endpoint) in generateResponse (SKILL.md).
  • Risk: Potential SSRF surface if the backend configuration store (e.g., Redis) is compromised or accepts untrusted data.
  • [PROMPT_INJECTION]: The skill processes untrusted user attributes that can influence agent behavior through conditional feature gates.
  • Ingestion points: EvaluationContext in SKILL.md.
  • Boundary markers: Absent; user attributes are directly converted to strings for rule evaluation.
  • Capability inventory: fetch() for network requests to external model and health endpoints; redis.set() for managing state.
  • Sanitization: Absent; input attributes are processed without escaping or strict validation against a schema.
Audit Metadata
Risk Level: SAFE
Analyzed: Mar 17, 2026, 06:42 AM