agent-consensus-coordinator

Pass

Audited by Gen Agent Trust Hub on Mar 1, 2026

Risk Level: SAFE
Flagged categories: COMMAND_EXECUTION, REMOTE_CODE_EXECUTION, PROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill utilizes the mcp__flow-nexus__sandbox_execute tool, which enables the agent to run dynamically generated JavaScript code within a sandbox environment to manage distributed coordination tasks.
  • [REMOTE_CODE_EXECUTION]: The skill facilitates the execution of logic on remote infrastructure through the Flow Nexus platform, specifically via the mcp__flow-nexus__sandbox_create and mcp__flow-nexus__sandbox_execute tools.
  • [PROMPT_INJECTION]: The skill exhibits a surface for indirect prompt injection by processing untrusted data to drive tool interactions.
    • Ingestion points: Data enters the agent's context through parameters such as proposals, objectives, constraints, and nodeStates within the coordination logic.
    • Boundary markers: No explicit delimiters or instructions to ignore embedded commands are present in the provided examples or tool usage descriptions.
    • Capability inventory: The agent possesses capabilities to create sandboxed environments, execute arbitrary code within them, and train neural models.
    • Sanitization: The skill lacks evidence of input validation or sanitization before data is interpolated into tool calls or sandboxed code strings.
Audit Metadata
Risk Level: SAFE
Analyzed: Mar 1, 2026, 04:32 PM