stream-chain
Pass
Audited by Gen Agent Trust Hub on Mar 4, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill defines a sequential processing pipeline where the output of one agent step is automatically ingested as context for the next. This creates a surface for indirect prompt injection if the initial stages process untrusted data (e.g., API responses or external files) that contains malicious instructions.
- Ingestion points: Data flows through steps in the 'run' and 'pipeline' commands as described in SKILL.md.
- Boundary markers: No delimiters or 'ignore embedded instructions' warnings are present in the provided prompt logic.
- Capability inventory: The skill interacts with the local filesystem (src/ directory) and configuration files (.claude-flow/config.json).
- Sanitization: No sanitization or validation of intermediate step results is performed before they are passed to subsequent agents.
Audit Metadata