flow-nexus-platform
Audited by Socket on Mar 3, 2026
1 alert found:
Malware

This document is a comprehensive skill specification describing many powerful capabilities (creating sandboxes, executing arbitrary code, installing packages, cloning remote repositories, storing files, and publishing templates). The capabilities themselves are coherent with the stated purpose (platform management), but they create multiple high-risk supply-chain and credential-exposure vectors: arbitrary download-and-execute in sandboxes, unpinned dependency installs, acceptance of raw secrets into environments, and an assistant mode that can be granted tool-enabled autonomy. There are no explicit hardcoded malicious endpoints or obfuscation, and the document is largely benign in intent; however, the operational model (running user-provided or remotely fetched code with provided secrets) is high risk unless the platform enforces strict isolation, secrets handling, dependency pinning, code review, and human approval for high-privilege actions. Recommend treating this skill as high security risk until runtime controls and least-privilege mitigations (ephemeral scoped credentials, sanitized env var handling, strict network egress controls, pinned dependencies, build sandboxing, and human-in-the-loop approvals) are documented and enforced.