flow-verifier
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFECOMMAND_EXECUTION
Full Analysis
- [COMMAND_EXECUTION] (SAFE): The skill includes various shell command snippets (grep, ls, sed, xargs, and bash loops) intended to audit local project files. These are standard diagnostic tools and do not involve privilege escalation or unsafe operations.\n- [DATA_EXPOSURE & EXFILTRATION] (SAFE): The scripts exclusively target local files within the '.flow/' directory and do not access sensitive system paths (e.g., ~/.ssh) or make network requests.\n- [INDIRECT_PROMPT_INJECTION] (LOW):\n
- Ingestion points: The scripts read and parse content from local Markdown files in the '.flow/' directory.\n
- Boundary markers: None identified; scripts process raw file content.\n
- Capability inventory: The skill uses subprocess calls via shell execution (grep, ls, etc.).\n
- Sanitization: There is no explicit sanitization of the file content before it is processed by the bash scripts. However, the operations are limited to pattern matching and listing, posing minimal risk.
Audit Metadata