cost-optimize
Pass
Audited by Gen Agent Trust Hub on Jun 13, 2026
Risk Level: SAFE
EXTERNAL_DOWNLOADS, COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: Downloads the platform CLI tool via `npx @claude-flow/cli@latest` from the NPM registry. As NPM is a well-known service and the CLI is a core platform component, this is a safe operational dependency.
- [COMMAND_EXECUTION]: Executes a local outcome-tracking script (`plugins/ruflo-cost-tracker/scripts/outcome.mjs`) to update model routing based on success or failure. The skill specifies that the script uses safe execution methods (spawnSync) to prevent argument injection.
- [PROMPT_INJECTION]: Surfaces a potential indirect prompt injection vulnerability (Category 8).
  - Ingestion points: Usage data retrieved from the `cost-tracking` namespace.
  - Boundary markers: None implemented in the instructions.
  - Capability inventory: Local shell execution via `Bash` and pattern storage via `memory_store`.
  - Sanitization: The instruction set notes the use of safe quoting in the downstream shell script.
Audit Metadata