when-using-advanced-swarm-use-swarm-advanced

Pass

Audited by Gen Agent Trust Hub on Jun 26, 2026

Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
  • [EXTERNAL_DOWNLOADS]: The skill utilizes npx to dynamically fetch and execute the claude-flow@alpha tool from the npm registry, which is a well-known package service.
  • [COMMAND_EXECUTION]: The skill executes multiple bash commands to initialize agents, monitor performance in real-time, and run optimization analysis using the claude-flow CLI.
  • [PROMPT_INJECTION]: The skill contains an indirect prompt injection surface by processing performance metrics and agent outputs.
  • Ingestion points: Data enters the process via agent metrics and performance analyze command outputs (documented in SKILL.md and PROCESS.md).
  • Boundary markers: There are no explicit delimiters or instructions provided to ignore potential natural language commands embedded in the metrics data.
  • Capability inventory: The skill has the ability to spawn new agent processes, modify network topologies, and execute background shell scripts (documented in SKILL.md and PROCESS.md).
  • Sanitization: The workflow uses jq to parse structured data but lacks explicit logic to sanitize the content against prompt injection before processing by the LLM.
Audit Metadata
Risk Level
SAFE
Analyzed
Jun 26, 2026, 03:22 AM
Security Audit — agent-trust-hub — when-using-advanced-swarm-use-swarm-advanced