harness-genome

Warn

Audited by Gen Agent Trust Hub on Jun 21, 2026

Risk Level: MEDIUM
Findings: COMMAND_EXECUTION, EXTERNAL_DOWNLOADS, REMOTE_CODE_EXECUTION, PROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The instruction to run npx metaharness genome <path> interpolates a variable path directly into a shell command. This creates a risk of command injection if the path contains shell metacharacters such as semicolons, ampersands, or pipes.
  • [REMOTE_CODE_EXECUTION]: The skill uses npx to execute the metaharness package. This involves fetching and running code from the NPM registry at runtime.
  • [EXTERNAL_DOWNLOADS]: The skill fetches the metaharness package from the well-known NPM registry via the npx command.
  • [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection because it processes untrusted data from an external repository.
  • Ingestion points: Files located within the repository at the provided <path> are processed by the genome tool.
  • Boundary markers: None identified; the instructions do not specify delimiters or warnings for the agent to ignore instructions embedded in the analyzed repository.
  • Capability inventory: The skill is allowed to use the Bash tool and performs shell execution.
  • Sanitization: There is no evidence of input validation for the path argument or output sanitization for the data read from the repository.
Audit Metadata
Risk Level: MEDIUM
Analyzed: Jun 21, 2026, 04:12 PM
Security Audit — agent-trust-hub — harness-genome