swarm-advanced
Pass
Audited by Gen Agent Trust Hub on Mar 4, 2026
Risk Level: SAFE
EXTERNAL_DOWNLOADS, COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill requires the installation of the `claude-flow` package from the npm registry to enable its orchestration capabilities. This is a standard dependency for the framework described by the vendor.
- [COMMAND_EXECUTION]: The orchestration patterns include the use of tools such as `mcp__claude-flow__parallel_execute` to run development and testing commands like `npm run test`. These operations are consistent with the skill's primary purpose of managing software development and research workflows.
- [PROMPT_INJECTION]: The skill exhibits an attack surface for indirect prompt injection through its ingestion of external research and analysis data.
  - Ingestion points: Data is collected from external sources via `mcp__claude-flow__memory_usage` and analyzed using tools like `mcp__claude-flow__error_analysis`.
  - Boundary markers: The patterns do not specify explicit delimiters or isolation markers for untrusted content within the agent's context.
  - Capability inventory: The framework has high-level capabilities, including shell command execution, CI/CD pipeline creation, and file system interactions.
  - Sanitization: There are no documented steps for validating or sanitizing external content before it is processed by the orchestration tools.
Audit Metadata