agent-safla-neural
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFE
PROMPT_INJECTION
Full Analysis
- Indirect Prompt Injection (LOW): The skill is designed to ingest, process, and store interaction histories and training data, which creates a surface for indirect prompt injection attacks.
- Ingestion points: Data enters the system via the `training_data` parameter in the `mcp__claude-flow__neural_train` call and the `interaction_context` parameter in the `mcp__claude-flow__memory_usage` call.
- Boundary markers: None are present in the provided examples; data is interpolated directly into JSON strings without clear delimiters or 'ignore' instructions.
- Capability inventory: The skill has the capability to store data persistently and influence future training/responses using the `claude-flow` toolset.
- Sanitization: There is no evidence of sanitization or filtering logic to prevent malicious instructions embedded in the interaction context from being stored or processed.
Audit Metadata