skills/dicklesworthstone/agent_flywheel_clawdbot_skills_and_integrations/agent-fungibility/Gen Agent Trust Hub
agent-fungibility
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFENO_CODECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [SAFE] (SAFE): The provided file is strictly informational markdown. It does not include scripts, automation, or active code components.
- [NO_CODE] (SAFE): No code is shipped with this skill, making it inherently low-risk and outside the scope of binary or script-based analysis.
- [COMMAND_EXECUTION] (SAFE): The documentation includes example shell commands (e.g.,
ntm spawn,ntm send) to illustrate how a user might interact with local management tools. These are static examples and not executed by the skill itself. - [PROMPT_INJECTION] (SAFE): The 'Initial Prompt' template provided in the implementation section is instructional and does not contain bypass, role-play, or malicious instruction patterns.
- [PROMPT_INJECTION] (SAFE): Indirect Prompt Injection Surface: 1. Ingestion points: README.md, AGENTS.md, and Agent Mail messages. 2. Boundary markers: Not defined in the architectural guide. 3. Capability inventory: File investigation and MCP Agent Mail communication. 4. Sanitization: Not specified. These points reflect the inherent surface of the described multi-agent architecture rather than a security defect in the skill.
Audit Metadata