neural-training
Pass
Audited by Gen Agent Trust Hub on Mar 1, 2026
Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADS
Full Analysis
- [COMMAND_EXECUTION]: The skill uses 'npx' to execute shell commands for training, pattern prediction, and optimization through the 'claude-flow' CLI.
- [EXTERNAL_DOWNLOADS]: The 'npx' utility downloads and executes the 'claude-flow' package from the NPM registry if it is not present in the local environment.
- [PROMPT_INJECTION]: The 'predict' command accepts a 'task description' via the '--input' flag, which creates a surface for indirect prompt injection.
- Ingestion point: The '--input' parameter in the 'neural predict' command.
- Boundary markers: No delimiters or specific 'ignore' instructions are provided for the user input.
- Capability inventory: Command execution via 'npx'.
- Sanitization: No sanitization or validation of the task description is performed before command execution.
Audit Metadata