Iterative Loop
Warn
Audited by Gen Agent Trust Hub on Mar 6, 2026
Risk Level: MEDIUMEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill utilizes
npx @claude-flow/cli@latest, which downloads and executes external code at runtime from the NPM registry. This package is not from a verified trusted organization. - [COMMAND_EXECUTION]: The workflow involves automated execution of various shell commands including
npm test,eslint, andgitbased on the logic of the iterative loop. - [PROMPT_INJECTION]: The skill is vulnerable to indirect prompt injection due to its processing of external command outputs.
- Ingestion points: Ingests output from
npm test,git log, and file contents into the agent's context (e.g., in the 'Iteration pattern' steps). - Boundary markers: Missing specific delimiters or instructions to treat ingested data as untrusted content to prevent the agent from obeying instructions embedded in logs or files.
- Capability inventory: Executes shell commands and high-level agent tasks via
claude_execute. - Sanitization: No evidence of sanitization or filtering of the ingested data before it influences subsequent loop iterations.
Audit Metadata