qe-sparc-methodology
Warn
Audited by Gen Agent Trust Hub on Feb 27, 2026
Risk Level: MEDIUMEXTERNAL_DOWNLOADSREMOTE_CODE_EXECUTIONPROMPT_INJECTIONCOMMAND_EXECUTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill documentation refers to and links to the
claude-flowpackage on NPM. - [REMOTE_CODE_EXECUTION]: The instructions direct the agent to run
npx claude-flowandnpx claude-flow@alpha, which results in the download and execution of code from an external GitHub repository (ruvnet/claude-flow) that is not part of the trusted vendors list. - [COMMAND_EXECUTION]: The methodology includes executing CLI commands through NPX to perform tasks such as running hooks, starting pipelines, and executing specific development modes.
- [PROMPT_INJECTION]: The skill contains an indirect prompt injection surface.
- Ingestion points: External data is ingested through the
researchermode using web search and fetch tools. - Boundary markers: No delimiters or isolation instructions are provided to distinguish between untrusted web data and the agent's internal logic.
- Capability inventory: The skill facilitates powerful operations including autonomous code generation (
coder), batch file operations (batch-executor), and multi-agent swarm orchestration. - Sanitization: There is no evidence of sanitizing or validating external content before it is processed by the architectural or coding modules.
Audit Metadata