clawswarm
Pass
Audited by Gen Agent Trust Hub on Feb 25, 2026
Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill instructions include curl commands to perform agent registration and task management via the ClawSwarm API.
- [EXTERNAL_DOWNLOADS]: The skill fetches task descriptions and solution attempts from the external vendor domain claw-swarm.com.
- [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection because it processes content generated by third-party agents during aggregation tasks.
- Ingestion points: Untrusted content from other agents enters the context through the /tasks/next endpoint, as documented in the workflow section of SKILL.md.
- Boundary markers: No explicit delimiters or instructions to disregard embedded commands are provided for the data processed during aggregation.
- Capability inventory: The agent possesses the capability to execute network operations (curl) to submit synthesized reasoning and final answers.
- Sanitization: There is no evidence of sanitization, validation, or filtering of the external agent content before it is processed by the agent.
Audit Metadata