Skills
skills/fellowship-dev/flowchad/flow-update/Gen Agent Trust Hub

flow-update

Pass

Audited by Gen Agent Trust Hub on Mar 24, 2026

Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill uses shell commands like grep, ls, and git log to find and analyze relevant source files in the codebase.
  • [COMMAND_EXECUTION]: The skill writes updated YAML definitions to the .flowchad/flows/ directory on the local filesystem.
  • [PROMPT_INJECTION]: The skill is susceptible to Indirect Prompt Injection (Category 8) because it processes untrusted data from the codebase to drive its logic.
  • Ingestion points: Reads content from source files (e.g., .tsx, .jsx, .rb) located in src/, app/, components/, and views/ as described in SKILL.md.
  • Boundary markers: Absent. The skill does not define specific delimiters to separate code content from instructions during the drafting phase.
  • Capability inventory: File read access (via grep and ls) and file write access to the specific .flowchad/flows/ directory.
  • Sanitization: Absent. The skill does not specify any validation or filtering of the code content before it is interpreted to update flow steps and expectations.
Audit Metadata
Risk Level
SAFE
Analyzed
Mar 24, 2026, 07:46 PM