flipswitch-status
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFE
Full Analysis
- EXTERNAL_DOWNLOADS (LOW): The skill provides instructions for the user to manually add an MCP server from
https://mcp.flipswitch.io/mcp. This is a standard configuration step for using the Flipswitch service and requires manual user intervention in the terminal. - DATA_EXFILTRATION (SAFE): The skill interacts with the Flipswitch API to retrieve organization and project data. These operations are core to the skill's purpose and are performed via explicit tool calls (
mcp__flipswitch__authenticate,mcp__flipswitch__list_projects). - PROMPT_INJECTION (LOW): The skill displays output from the
mcp__flipswitch__flag_overviewtool directly to the user. This represents a potential surface for indirect prompt injection if the underlying project data (flag names or descriptions) were to contain malicious instructions, though this is a common risk for data-viewing skills.
Audit Metadata