agenticflow-mcp

Pass

Audited by Gen Agent Trust Hub on Apr 30, 2026

Risk Level: SAFE
Flags: EXTERNAL_DOWNLOADS, COMMAND_EXECUTION
Full Analysis
  • [EXTERNAL_DOWNLOADS]: Recommends the installation of the @pixelml/agenticflow-cli package via npm. This tool is provided by the skill's authoring organization (PixelML) to manage workspace integrations.
  • [COMMAND_EXECUTION]: Utilizes several CLI commands (af bootstrap, af mcp-clients list, af agent update) to inspect workspace state, manage Model Context Protocol (MCP) clients, and modify agent configurations.
  • [PROMPT_INJECTION]: The skill facilitates the ingestion of data from untrusted external sources (e.g., Notion pages, Slack messages, GitHub repositories) which presents an indirect prompt injection surface.
  • Ingestion points: External data providers connected via MCP clients (Notion, Slack, GitHub, Google Docs, etc.) are used to feed data into the agent context.
  • Boundary markers: No explicit instructions are provided to use delimiters or ignore instructions embedded within the external content.
  • Capability inventory: The skill enables agents to perform various actions, including modifying configurations (af agent update) and running tasks (af agent run).
  • Sanitization: No sanitization or validation logic for the external content is described in the provided commands or integration steps.
Audit Metadata
  • Risk Level: SAFE
  • Analyzed: Apr 30, 2026, 05:44 PM