Skills
skills/ruvnet/ruflo/embeddings/Gen Agent Trust Hub

embeddings

Pass

Audited by Gen Agent Trust Hub on Mar 1, 2026

Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
  • [EXTERNAL_DOWNLOADS]: The skill uses npx to execute the claude-flow package, which involves downloading and running code from the npm registry if not present locally.
  • [COMMAND_EXECUTION]: Core functionality is implemented through shell commands, including database initialization, batch processing, and similarity searching.
  • [PROMPT_INJECTION]: The skill presents an attack surface for indirect prompt injection through data ingestion points. Ingestion points: --text parameter and --file documents.json. Boundary markers: None identified. Capability inventory: Subprocess execution via npx. Sanitization: No sanitization or validation of the input data is specified before it is processed by the agentic-flow integration.
Audit Metadata
Risk Level
SAFE
Analyzed
Mar 1, 2026, 04:33 PM