riverflow-2-best-practices
Pass
Audited by Gen Agent Trust Hub on Feb 16, 2026
Risk Level: LOWNO_CODE
Full Analysis
- No Code (SAFE): The skill consists entirely of markdown documentation and guidance. It does not contain scripts, binaries, or tool definitions that could be executed.
- Data Exposure & Exfiltration (SAFE): There are no hardcoded credentials, sensitive file paths, or network operations detected.
- Prompt Injection (SAFE): The instructions are standard usage guidelines for creative workflows and do not contain patterns typical of prompt injection or system prompt extraction.
- Unverifiable Dependencies & Remote Code Execution (SAFE): No external packages or remote code download patterns were found.
Audit Metadata