pair-programming
Warn
Audited by Gen Agent Trust Hub on Mar 30, 2026
Risk Level: MEDIUMEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill requires the installation of a global Node.js package
claude-flow@alpha. This package is from an unverified source and is in an alpha state, which may pose a risk to the security and stability of the host system. - [COMMAND_EXECUTION]: The skill is built around the execution of the
claude-flowCLI tool. This tool is granted extensive permissions to manage sessions, run tests, and perform git operations, creating a broad attack surface if the utility is compromised. - [PROMPT_INJECTION]: The skill is vulnerable to indirect prompt injection because it reads and processes untrusted data from local code files.
- Ingestion points: Local source code files being reviewed or refactored.
- Boundary markers: Absent; there are no delimiters or instructions to ignore embedded commands in the source files.
- Capability inventory: File system access, shell command execution (via CLI), and Git operations.
- Sanitization: No sanitization or filtering of input code is documented.
Audit Metadata