skills/ruvnet/ruflo/agent-coder/Gen Agent Trust Hub

agent-coder

Warn

Audited by Gen Agent Trust Hub on Mar 1, 2026

Risk Level: MEDIUM (COMMAND_EXECUTION, PROMPT_INJECTION)
Full Analysis
  • [COMMAND_EXECUTION]: The pre-hook script executes a shell command echo "💻 Coder agent implementing: $TASK". This allows for arbitrary command execution if the $TASK environment variable contains shell metacharacters such as backticks or command substitution syntax.
  • [COMMAND_EXECUTION]: The post-hook script runs npm run lint --if-present. This executes scripts defined in the project's package.json file, which could be malicious if the agent is working on an untrusted repository.
  • [PROMPT_INJECTION]: The skill's use of the $TASK variable to influence hook logic creates an indirect prompt injection surface. Evidence: 1. Ingestion points: The $TASK environment variable in the pre hook. 2. Boundary markers: Absent. 3. Capability inventory: Host shell execution via echo, grep, and npm. 4. Sanitization: None identified for the $TASK input.
Audit Metadata
Risk Level: MEDIUM
Analyzed: Mar 1, 2026, 04:32 PM