flow-next-sync
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFE
Full Analysis
- [COMMAND_EXECUTION] (SAFE): The skill executes a bundled script named
flowctl. The execution path is strictly constructed using the plugin's root environment variables (DROID_PLUGIN_ROOTorCLAUDE_PLUGIN_ROOT), ensuring it only runs its own internal tools. - [DATA_EXFILTRATION] (SAFE): No network operations (curl, wget, or API calls) were detected. The data processed consists of task identifiers and repository metadata (via
git), which remains local to the execution environment. - [PROMPT_INJECTION] (SAFE): The skill contains no instructions designed to bypass AI safety filters or override system prompts. It uses natural instructional language for workflow logic.
- [INDIRECT_PROMPT_INJECTION] (LOW): The skill ingests user-provided arguments ($ARGUMENTS). However, it includes a validation step requiring input to match specific task ID patterns (
fn-*), which mitigates the risk of command injection or malicious payload interpolation. - [EXTERNAL_DOWNLOADS] (SAFE): No external packages or remote scripts are downloaded during the execution of this skill.
Audit Metadata