agenticflow-skills
Pass
Audited by Gen Agent Trust Hub on Feb 26, 2026
Risk Level: SAFE
Flags: EXTERNAL_DOWNLOADS, COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
- [SAFE]: The skill consists entirely of reference documentation and does not contain any executable scripts, binaries, or hidden malicious logic.
- [EXTERNAL_DOWNLOADS]: Documents the installation of the @pixelml/agenticflow-cli package. This is a vendor-owned tool (pixelml) and is essential for interacting with the AgenticFlow platform as described.
- [COMMAND_EXECUTION]: Provides guidance for a code_executor tool within the platform that allows for running Python, JavaScript, and Bash. The documentation specifies that these functions are intended to run in a sandboxed environment.
- [PROMPT_INJECTION]: Identifies the attack surface for indirect prompt injection within the documented platform's architecture for handling user-defined inputs.
  - Ingestion points: Untrusted data enters the system through input_schema fields documented in reference/workflow/overview.md.
  - Boundary markers: The platform documentation defines "Guardrails" to constrain agent behavior and persona, as noted in the glossary and agent overview.
  - Capability inventory: The platform supports tools with significant capabilities, including http_request, file_operations, and code_executor.
  - Sanitization: Documentation provides high-level best practices for security, such as using minimal tools and explicit guardrails, but does not provide specific implementation logic for sanitizing all inputs.
Audit Metadata