agent-code-analyzer
Pass
Audited by Gen Agent Trust Hub on Mar 1, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSREMOTE_CODE_EXECUTIONCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill uses
npx claude-flow@alphain multiple lifecycle hooks (pre,post,pre-search, etc.) to execute framework-specific tasks, which involves downloading and running packages from the NPM registry. - [REMOTE_CODE_EXECUTION]: Through the use of
npx, the agent downloads and executes theclaude-flowpackage logic at runtime to perform its core operations. - [COMMAND_EXECUTION]: The skill executes shell commands defined in the
hooksandWorkflowsections ofSKILL.md. These commands use variable interpolation (e.g.,${description},${results},${summary}) that could be vulnerable to command injection if the input data for these variables (such as the code being analyzed) contains malicious shell characters. - [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection due to its primary function of analyzing untrusted external codebases.
- Ingestion points: The agent ingests and processes source code files during the "Initial Scan" and "Deep Analysis" phases in
SKILL.md. - Boundary markers: No specific delimiters or "ignore instructions" markers are used to separate the analyzed code from the agent's internal instructions.
- Capability inventory: The agent has the capability to execute shell commands (via
npx), store and retrieve persistent data in memory, and send notifications. - Sanitization: There is no evidence of sanitization or filtering applied to the code content before it is processed or used in analysis results.
Audit Metadata