flow
Pass
Audited by Gen Agent Trust Hub on Mar 24, 2026
Risk Level: SAFE
COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill is designed to generate executable Python code. In `skill_composer.py`, it assembles script files by concatenating predefined templates with user-supplied intent and descriptions. This results in the creation of new executable files in the `./flows` directory.
- [PROMPT_INJECTION]: The skill possesses an indirect prompt injection surface. Natural language inputs from users are interpolated directly into generated script templates in `skill_composer.py`. The lack of robust sanitization for these inputs could allow malicious strings to influence the logic or docstrings of the resulting scripts.
Audit Metadata