Skills
skills/ruvnet/claude-flow/autopilot-loop/Gen Agent Trust Hub

autopilot-loop

Pass

Audited by Gen Agent Trust Hub on Jun 13, 2026

Risk Level: SAFEPROMPT_INJECTION
Full Analysis
  • [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection because it automatically ingests data from external, potentially untrusted sources to determine its next actions.
  • Ingestion points: The skill identifies and processes tasks from 'team-tasks' (Claude Code TaskList), 'swarm-tasks' (MCP task_list), and 'file-checklist' (Markdown checkbox items in tracked files).
  • Boundary markers: The instructions lack delimiters or explicit warnings to the agent to ignore instructions embedded within the task data.
  • Capability inventory: The skill has significant capabilities, including spawning agents, editing code, and running tests via the 'Agent' tool and predicted autopilot actions.
  • Sanitization: No sanitization, validation, or filtering of the external task content is performed before the agent acts upon the instructions found within that data.
Audit Metadata
Risk Level
SAFE
Analyzed
Jun 13, 2026, 01:22 PM
Security Audit — agent-trust-hub — autopilot-loop