nocobase-v2-flow-upgrade
Pass
Audited by Gen Agent Trust Hub on Apr 29, 2026
Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill uses
rg(ripgrep) to discover patterns, capabilities, and settings within the local plugin codebase. These commands are localized to the repository root and used for technical discovery. - [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection because it ingests untrusted code from external plugins to inform migration decisions.
- Ingestion points: Source files located in
packages/plugins/@nocobase/<plugin>/src/clientare read and analyzed via discovery commands. - Boundary markers: Absent. The instructions do not provide delimiters or specific warnings to the agent to ignore potentially malicious instructions embedded in the code being analyzed.
- Capability inventory: The skill performs file searching and pattern matching, then provides migration recommendations based on the findings.
- Sanitization: Absent. There is no mention of sanitizing or validating the contents of the files before processing them.
Audit Metadata