flox-environments

Pass

Audited by Gen Agent Trust Hub on May 12, 2026

Risk Level: SAFE
Full Analysis
  • [PROMPT_INJECTION]: The skill includes directive language designed to guide the agent's tool selection, such as instructions to 'ALWAYS use this skill' when reproducible environments are needed. These are interpreted as routing guidelines rather than malicious overrides.
  • [COMMAND_EXECUTION]: The skill documents how to define and execute shell commands within Flox manifests using [hook] (for on-activate scripts) and [profile] (for interactive shell configurations) sections.
  • [EXTERNAL_DOWNLOADS]: Describes standard package management operations using flox install to fetch system-level dependencies and flox activate -r to retrieve environment definitions from FloxHub.
  • [DATA_EXFILTRATION]: Includes a dedicated 'Anti-Patterns' section that explicitly warns against the high-risk practice of storing sensitive credentials or API keys within the manifest files committed to version control.
  • [SAFE]: The skill references official documentation and repositories from the Flox project (flox.dev and github.com/flox), which are recognized as well-known and legitimate developer resources.
Audit Metadata
Risk Level: SAFE
Analyzed: May 12, 2026, 05:46 AM