agentflow-graph-authoring

Pass

Audited by Gen Agent Trust Hub on Apr 8, 2026

Risk Level: SAFE
COMMAND_EXECUTION · PROMPT_INJECTION · NO_CODE
Full Analysis
  • [COMMAND_EXECUTION]: The skill facilitates the authoring of graphs that execute arbitrary shell commands via 'exec' and 'check' nodes, which are processed by the 'agentflow' CLI.
  • [PROMPT_INJECTION]: The skill demonstrates an indirect prompt injection surface by ingesting user implementation plans to generate executable graphs. Evidence:
      1. Ingestion point: User requests in SKILL.md.
      2. Boundary markers: Absent.
      3. Capability inventory: 'exec' and 'check' nodes in references/graph-contract.md allow shell commands.
      4. Sanitization: Explicit recommendation to use 'agentflow validate' and 'agentflow compile' before execution.
  • [NO_CODE]: The skill does not contain any executable scripts, binaries, or source code files, relying solely on Markdown instructions and YAML configuration.
Audit Metadata
  • Risk Level: SAFE
  • Analyzed: Apr 8, 2026, 04:24 PM