Skills
skills/dflowprotocol/dflow-skills/dflow-proof-kyc/Gen Agent Trust Hub

dflow-proof-kyc

Pass

Audited by Gen Agent Trust Hub on Apr 23, 2026

Risk Level: SAFE
Full Analysis
  • [SAFE]: The skill follows security best practices by recommending server-side verification for gated features and correctly handling redirect URI restrictions.
  • [EXTERNAL_DOWNLOADS]: The skill references external resources such as the DFlow docs MCP and the dflow CLI. These are official vendor tools hosted on the author's infrastructure (pond.dflow.net) and do not constitute a security risk.
  • [DATA_EXFILTRATION]: Network operations are restricted to the vendor's public verification API (proof.dflow.net). No sensitive data such as private keys or credentials are sent to third-party or untrusted domains.
  • [COMMAND_EXECUTION]: The skill mentions the use of a CLI tool (dflow), but it does not provide any arbitrary or dangerous shell commands. All instructions are scoped to the intended functionality of KYC verification.
Audit Metadata
Risk Level
SAFE
Analyzed
Apr 23, 2026, 04:01 AM