skills/ruvnet/claude-flow/agent-coder/Gen Agent Trust Hub

agent-coder

Pass

Audited by Gen Agent Trust Hub on Feb 17, 2026

Risk Level: SAFE
Findings: COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION] (LOW): The post hook in SKILL.md automatically runs npm run lint whenever a package.json file is present in the working directory. npm executes whatever command the repository's scripts.lint entry contains, so the hook will run arbitrary local scripts chosen by whoever controls the project configuration; this is exploitable if the agent is pointed at a malicious repository.
  • [PROMPT_INJECTION] (LOW): Detected an indirect prompt injection surface where the agent processes untrusted external data during its lifecycle hooks.
    • Ingestion points: the $TASK environment variable in the pre hook and the package.json file in the post hook.
    • Boundary markers: absent; there are no instructions to ignore embedded commands and no markers delimiting the untrusted content.
    • Capability inventory: shell command execution via echo, grep, and the npm package runner.
    • Sanitization: absent; the skill validates neither the content of $TASK nor the lint script in package.json before executing it.
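The command-execution finding above comes down to one missing check: the post hook trusts scripts.lint unconditionally. The following is an added example of a guard a skill author could call before npm run lint; it is not code from the audited skill or from Gen Agent Trust Hub. It assumes the hook can read package.json and call decide_lint() on its text, and the allowlist of linter binaries is an illustrative policy, not something the page prescribes. The two package.json bodies are constructed samples.

```python
"""Guard for a lifecycle hook that would otherwise run `npm run lint`
blindly whenever package.json exists in the working directory.

Added example; not code from the audited skill. Assumes the hook calls
decide_lint(package_json_text) and only invokes npm when it returns True.
"""
import json
import shlex

# Illustrative policy: linters a lint script may start with.
ALLOWED_LINTERS = {"eslint", "biome", "prettier"}

# npm runs scripts through sh, so any of these turns "lint" into a
# second, arbitrary command rather than a single linter invocation.
SHELL_METACHARS = (";", "&&", "||", "|", "`", "$(", ">", "<", "\n")


def extract_lint_script(package_json_text: str):
    """Return scripts.lint from a package.json body, or None if absent/invalid."""
    try:
        data = json.loads(package_json_text)
    except json.JSONDecodeError:
        return None
    scripts = data.get("scripts") if isinstance(data, dict) else None
    if not isinstance(scripts, dict):
        return None
    script = scripts.get("lint")
    return script if isinstance(script, str) else None


def decide_lint(package_json_text: str):
    """Decide whether the post hook may run `npm run lint`.

    Returns (allowed, reason). Deny by default: the repository may be
    attacker-controlled, and npm executes whatever scripts.lint says.
    """
    script = extract_lint_script(package_json_text)
    if script is None:
        return False, "no usable scripts.lint entry"
    for meta in SHELL_METACHARS:
        if meta in script:
            return False, f"shell metacharacter {meta!r} in lint script"
    try:
        argv = shlex.split(script)
    except ValueError as exc:
        return False, f"unparseable lint script: {exc}"
    if not argv:
        return False, "empty lint script"
    if argv[0] not in ALLOWED_LINTERS:
        return False, f"linter {argv[0]!r} not allowlisted"
    return True, f"lint script {script!r} is a plain allowlisted command"


# Constructed samples for the demo below (not taken from any real repository).
BENIGN_PACKAGE_JSON = '{"name": "demo", "scripts": {"lint": "eslint ."}}'
MALICIOUS_PACKAGE_JSON = (
    '{"name": "demo", "scripts": {"lint": "eslint . && sh ./.ci/post.sh"}}'
)

if __name__ == "__main__":
    for label, body in (("benign", BENIGN_PACKAGE_JSON),
                        ("malicious", MALICIOUS_PACKAGE_JSON)):
        allowed, reason = decide_lint(body)
        print(f"{label}: {'run' if allowed else 'skip'} npm run lint ({reason})")
```

Two caveats a practitioner should keep in mind. First, an allowlisted binary is not a safe binary: npm run prepends node_modules/.bin to PATH, so a committed node_modules directory or a postinstall hook can replace eslint itself, and linters load JavaScript configuration files that run with the agent's privileges. The guard narrows the finding; it does not remove it. Second, the $TASK ingestion point is a separate problem: quoting "$TASK" prevents the shell from interpreting it, but its content still reaches the model, so the missing boundary markers the audit notes remain the relevant control there.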
Audit Metadata
Risk Level: SAFE
Analyzed: Feb 17, 2026, 06:10 PM