agent-challenges
Pass
Audited by Gen Agent Trust Hub on Mar 1, 2026
Risk Level: SAFE
Full Analysis
- [PROMPT_INJECTION]: The skill defines a robust persona for a challenges agent. It processes user submissions via the 'solution_code' parameter in the 'mcp__flow-nexus__challenge_submit' tool. This creates a surface for indirect prompt injection common to code-evaluation tasks, but the instructions do not contain any malicious override attempts or safety bypasses.
- [COMMAND_EXECUTION]: The skill leverages specific MCP tools within the 'flow-nexus' namespace. These tools, such as 'mcp__flow-nexus__challenges_list' and 'mcp__flow-nexus__challenge_submit', are used as intended for the primary purpose of the skill and align with the author's (ruvnet) organizational context.
- [DATA_EXPOSURE]: No hardcoded credentials, sensitive file paths, or unauthorized data access patterns were found in the skill instructions or tool definitions.
Audit Metadata