agent-authentication

Pass

Audited by Gen Agent Trust Hub on Mar 1, 2026

Risk Level: SAFE
Findings: PROMPT_INJECTION, COMMAND_EXECUTION
Full Analysis
  • [PROMPT_INJECTION]: The skill represents a surface for indirect prompt injection because it ingests untrusted user data.
  • Ingestion points: Processes user-provided strings for email, password, full_name, and token through registration and login workflows.
  • Boundary markers: No explicit delimiters or instructions to ignore embedded commands are present in the provided templates when interpolating user data into tool calls.
  • Capability inventory: Accesses user management and session tools via the Flow Nexus MCP interface.
  • Sanitization: No evidence of input validation or sanitization is present in the skill instructions.
  • [COMMAND_EXECUTION]: The skill utilizes a suite of vendor-specific MCP tools to perform actions.
  • Evidence: Invokes mcp__flow-nexus__user_register, mcp__flow-nexus__user_login, mcp__flow-nexus__user_profile, mcp__flow-nexus__user_update_profile, mcp__flow-nexus__user_reset_password, and mcp__flow-nexus__user_update_password. These tools are handled as standard functional extensions for the Flow Nexus environment.
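The audit's two ingestion findings (no input validation, no boundary markers when user data is interpolated into tool calls) suggest the check a practitioner would add in front of the user tools. The block below is an added example written for this page, not code from the audited skill or from Flow Nexus: it validates the four fields the audit names (email, password, full_name, token), refuses control characters and instruction-like text in free-text fields, wraps any value that must still appear in model-visible text in explicit delimiters, and passes the cleaned values as structured arguments to mcp__flow-nexus__user_register rather than splicing them into prompt text. The tool's argument names, the token format, the length limits and the instruction-marker phrase list are assumptions for illustration.

```python
"""Added example for the audit findings above. Illustrative only; the
mcp__flow-nexus__user_register tool name comes from the audit, everything
else (argument names, token format, limits, marker phrases) is assumed."""

import re
import unicodedata

EMAIL_RE = re.compile(r"^[A-Za-z0-9._%+-]+@[A-Za-z0-9.-]+\.[A-Za-z]{2,}$")
# Assumed: an opaque reset/session token is 16-512 URL-safe characters.
TOKEN_RE = re.compile(r"^[A-Za-z0-9._~+/=-]{16,512}$")
MAX_NAME = 100

# Phrases that look like an embedded instruction rather than a person's name.
# A constructed heuristic for this example: treat it as a signal to reject
# and log, not as the security boundary itself.
INSTRUCTION_MARKERS = ("ignore previous", "system:", "assistant:", "you are now", "</", "```")


class ValidationError(ValueError):
    """Raised when a user-supplied field must not reach the tool call."""


def _has_control_chars(value: str) -> bool:
    # Unicode general category "C*" covers Cc, Cf, Cs, Co, Cn.
    return any(unicodedata.category(ch)[0] == "C" for ch in value)


def _clean_text(value: str, max_len: int) -> str:
    """Normalise, strip, and length-bound a free-text field; reject control characters."""
    if not isinstance(value, str):
        raise ValidationError("expected a string")
    value = unicodedata.normalize("NFC", value).strip()
    if _has_control_chars(value):
        raise ValidationError("control characters are not allowed")
    if len(value) > max_len:
        raise ValidationError(f"longer than {max_len} characters")
    return value


def validate_email(value: str) -> str:
    value = _clean_text(value, 254)
    if not EMAIL_RE.fullmatch(value):
        raise ValidationError("malformed email address")
    return value.lower()


def validate_password(value: str) -> str:
    # Passwords are opaque secrets: bound the length and block control
    # characters, but do not strip or normalise them, and never echo them.
    if not isinstance(value, str) or not 8 <= len(value) <= 256:
        raise ValidationError("password must be 8-256 characters")
    if _has_control_chars(value):
        raise ValidationError("control characters are not allowed")
    return value


def validate_full_name(value: str) -> str:
    value = _clean_text(value, MAX_NAME)
    lowered = value.lower()
    if any(marker in lowered for marker in INSTRUCTION_MARKERS):
        raise ValidationError("full_name looks like an embedded instruction")
    return value


def validate_token(value: str) -> str:
    value = _clean_text(value, 512)
    if not TOKEN_RE.fullmatch(value):
        raise ValidationError("malformed token")
    return value


def boundary_mark(field: str, value: str) -> str:
    """Wrap a user value in explicit delimiters for the cases where it must be
    shown to the model (e.g. a confirmation message). The value may not contain
    its own closing delimiter, so it cannot break out of the marked region."""
    closing = f"</untrusted_{field}>"
    if closing in value:
        raise ValidationError("value contains the boundary delimiter")
    return f"<untrusted_{field}>{value}{closing}"


def build_register_call(email: str, password: str, full_name: str) -> dict:
    """Validated, structured arguments for mcp__flow-nexus__user_register.
    Argument names are assumed. Passing each value as its own JSON field, never
    interpolated into instruction text, is the primary defence against the
    injection surface the audit describes."""
    return {
        "tool": "mcp__flow-nexus__user_register",
        "arguments": {
            "email": validate_email(email),
            "password": validate_password(password),
            "full_name": validate_full_name(full_name),
        },
    }


def rejects(validator, value) -> bool:
    """True if the validator refuses the value (used to demonstrate the checks)."""
    try:
        validator(value)
    except ValidationError:
        return True
    return False
```

The same pattern applies to the login, profile-update and password-reset tools the audit lists: each user-supplied field goes through its own validator and is handed to the tool as a typed argument, and boundary_mark is used only where a value has to be rendered into text the model reads.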
Audit Metadata
Risk Level: SAFE
Analyzed: Mar 1, 2026, 04:32 PM