agent-challenges
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [Indirect Prompt Injection] (LOW): The skill processes untrusted user-submitted code and external challenge descriptions.
- Ingestion points: User code provided in the solution_code field and challenge data from mcp__flow-nexus__challenges_list.
- Boundary markers: Absent; there are no instructions to the agent to treat input as data only or to ignore embedded commands.
- Capability inventory: Access to mcp__flow-nexus__challenge_submit, leaderboard management, and achievement tracking tools.
- Sanitization: None detected in the provided skill definition.
Audit Metadata