hive-mind-advanced
Warn
Audited by Gen Agent Trust Hub on Apr 2, 2026
Risk Level: MEDIUMCOMMAND_EXECUTIONEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill instructs the agent to perform various tasks using the command
npx claude-flow. This pattern involves downloading and executing code from the NPM registry which can perform arbitrary operations on the host system. - [EXTERNAL_DOWNLOADS]: The skill provides links to documentation and source material hosted at
github.com/ruvnet/claude-flow. This repository is not associated with a verified or trusted vendor, and the skill author's name in the manifest ('Claude Flow Team') does not align with the provided vendor context. - [PROMPT_INJECTION]: The skill defines a system with a broad attack surface for indirect prompt injection due to its coordination of multiple agents processing untrusted data.
- Ingestion points: The system accepts free-form 'objectives' and analyzes external GitHub repositories.
- Boundary markers: There are no specified delimiters or instructions to the agents to ignore embedded commands within the ingested data.
- Capability inventory: The system has the ability to spawn sub-processes, execute shell commands through
npx, and write to a local SQLite database. - Sanitization: No sanitization or validation mechanisms are described for the data ingested into the collective memory or passed between agents.
Audit Metadata