agent-neural-network
Fail
Audited by Gen Agent Trust Hub on Feb 16, 2026
Risk Level: HIGHPROMPT_INJECTIONCOMMAND_EXECUTION
Full Analysis
- Indirect Prompt Injection (HIGH): The skill possesses a high-risk attack surface by processing untrusted data to orchestrate cloud-based distributed computing. Ingestion points: Untrusted data enters via the 'config' object in 'mcp__flow-nexus__neural_train' and the 'input' field in 'mcp__flow-nexus__neural_predict'. Boundary markers: No delimiters or safety instructions are present to prevent the agent from obeying instructions embedded within training data or configurations. Capability inventory: The skill can initialize clusters, allocate resources, and orchestrate execution across multiple E2B sandboxes. Sanitization: No evidence of validation for configurations or input data.
- Dynamic Execution (MEDIUM): The skill is designed to execute machine learning workloads. While the tool calls are structured, the underlying process involves dynamic execution for training and inference, inheriting risks from the managed environments.
Recommendations
- AI detected serious security threats
Audit Metadata