Skills
skills/tumf/cflx-skills/cflx-run/Gen Agent Trust Hub

cflx-run

Pass

Audited by Gen Agent Trust Hub on Mar 12, 2026

Risk Level: SAFEPROMPT_INJECTIONCOMMAND_EXECUTIONEXTERNAL_DOWNLOADS
Full Analysis
  • [COMMAND_EXECUTION]: The skill executes standard Git commands and a domain-specific CLI tool cflx run to manage the development lifecycle.
  • [EXTERNAL_DOWNLOADS]: The skill performs repository synchronization using git pull and git fetch from configured remote repositories.
  • [INDIRECT_PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection as it reads and processes data from openspec/changes/, which represents a potential injection surface if those files contain instructions intended to influence the agent's behavior.
  • Ingestion points: Specification files located in openspec/changes/ (SKILL.md).
  • Boundary markers: No explicit delimiters or instructions are used to separate data from instructions within the ingested files.
  • Capability inventory: The agent can execute the cflx tool and various git commands based on the workflow state (SKILL.md).
  • Sanitization: The skill does not implement sanitization or validation of the content within the change specification files before proceeding with orchestration.
Audit Metadata
Risk Level
SAFE
Analyzed
Mar 12, 2026, 11:19 AM