skills/ruvnet/claude-flow/hive-mind/Gen Agent Trust Hub

hive-mind

Warn

Audited by Gen Agent Trust Hub on Feb 17, 2026

Risk Level: MEDIUM (EXTERNAL_DOWNLOADS, COMMAND_EXECUTION)
Full Analysis
  • [External Downloads] (MEDIUM): The skill uses npx claude-flow across several commands. npx downloads and executes packages from the npm registry at runtime. The package claude-flow is not provided by a trusted organization (e.g., Anthropics, Google, or Vercel), making it an unverifiable dependency.
  • [Command Execution] (LOW): The skill invokes shell commands to perform its primary functions. While these commands align with the stated purpose of coordination, they rely on the external code downloaded via npx.
  • [Indirect Prompt Injection] (LOW): As a tool designed for multi-agent coordination and consensus, the skill naturally processes inputs from multiple sources. This creates an attack surface where malicious input from one 'worker' could potentially influence the 'queen' or other agents through coordination messages (Category 8b).
Audit Metadata
  • Risk Level: MEDIUM
  • Analyzed: Feb 17, 2026, 06:11 PM