flow-nexus-swarm

Pass

Audited by Gen Agent Trust Hub on Apr 2, 2026

Risk Level: SAFE
Flags: EXTERNAL_DOWNLOADS, COMMAND_EXECUTION, DATA_EXFILTRATION, PROMPT_INJECTION
Full Analysis
  • [EXTERNAL_DOWNLOADS]: The skill instructs users to install the flow-nexus and claude-flow packages from the NPM registry to enable its orchestration capabilities.
  • [COMMAND_EXECUTION]: The setup instructions involve executing shell commands using npx to register accounts, authenticate, and launch the MCP server (npx flow-nexus@latest mcp start).
  • [DATA_EXFILTRATION]: By design, the skill sends task descriptions, workflow configurations, and input data to the external Flow Nexus platform (flow-nexus.ruv.io) for cloud-based execution and monitoring.
  • [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection vulnerabilities.
      • Ingestion points: Untrusted data enters the agent context via the task parameter in mcp__flow-nexus__task_orchestrate and the input_data object in mcp__flow-nexus__workflow_execute within SKILL.md.
      • Boundary markers: There are no explicit delimiters or instructions to ignore embedded commands within the processed task data.
      • Capability inventory: The associated MCP server tools can spawn agents, orchestrate tasks, and execute complex multi-step workflows.
      • Sanitization: No evidence of input validation or sanitization is present in the skill instructions.
Audit Metadata
  • Risk Level: SAFE
  • Analyzed: Apr 2, 2026, 07:18 AM