Skills
skills/gmickel/flow-next-opencode/flow-next-opencode-interview/Gen Agent Trust Hub

flow-next-opencode-interview

Pass

Audited by Gen Agent Trust Hub on Apr 7, 2026

Risk Level: SAFECOMMAND_EXECUTIONDATA_EXFILTRATION
Full Analysis
  • [COMMAND_EXECUTION]: The skill executes local shell commands using git, jq, and a bundled binary utility named flowctl. These tools are used for repository path resolution, version checking, and interacting with task metadata in the .flow/ directory.
  • [DATA_EXFILTRATION]: The skill reads project configuration files and user-provided documentation (e.g., .flow/meta.json and markdown specifications). This data is processed locally by the agent to conduct the interview and is not transmitted to external domains.
  • [INDIRECT_PROMPT_INJECTION]: The skill processes untrusted content from user-specified file paths which could contain embedded instructions.
  • Ingestion points: Content from files provided in $ARGUMENTS (e.g., docs/spec.md) and output from flowctl cat.
  • Boundary markers: No specific delimiters or "ignore previous instructions" warnings are used when processing external file content.
  • Capability inventory: The skill has the capability to rewrite local files and modify task descriptions via flowctl.
  • Sanitization: No explicit sanitization or validation of external file content is performed before processing.
Audit Metadata
Risk Level
SAFE
Analyzed
Apr 7, 2026, 09:07 AM