cost-report
Pass
Audited by Gen Agent Trust Hub on Jun 13, 2026
Risk Level: SAFE
COMMAND_EXECUTION, EXTERNAL_DOWNLOADS, REMOTE_CODE_EXECUTION, PROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill uses the Bash tool to execute a Node.js one-liner to parse a local JSON benchmark file ('docs/benchmarks/runs/latest.json') to extract summary metrics for inclusion in the cost report.
- [EXTERNAL_DOWNLOADS]: The skill's documentation references the use of '@claude-flow/cli@latest' via npx, which involves downloading the package from the NPM registry. This package is a vendor-provided resource associated with the author's framework.
- [REMOTE_CODE_EXECUTION]: Suggesting the use of 'npx' to execute '@claude-flow/cli@latest' involves the dynamic download and execution of remote code at runtime.
- [PROMPT_INJECTION]: The skill ingests data from memory search results and external benchmark files, creating a surface for indirect prompt injection where untrusted data could attempt to influence the agent's behavior during report generation.
  - Ingestion points: Usage records retrieved via 'mcp__claude-flow__memory_search' and summary data from 'docs/benchmarks/runs/latest.json'.
  - Boundary markers: No specific delimiters or instruction-ignore warnings are implemented to encapsulate the ingested data.
  - Capability inventory: The skill utilizes 'Bash' for file processing and several 'memory' tools for data retrieval.
  - Sanitization: No sanitization or escaping mechanisms are described for the data before it is interpolated into the final report output.
Audit Metadata