Skills
skills/ruvnet/claude-flow/iot-anomalies/Gen Agent Trust Hub

iot-anomalies

Pass

Audited by Gen Agent Trust Hub on Jun 13, 2026

Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
  • [EXTERNAL_DOWNLOADS]: Fetches the latest version of the @claude-flow/plugin-iot-cognitum package from the public NPM registry at runtime using npx.
  • [COMMAND_EXECUTION]: Executes a shell command via npx to run the anomaly detection tool on device telemetry.
  • [PROMPT_INJECTION]: Potential for Indirect Prompt Injection as the skill ingests and processes untrusted device telemetry data.
  • Ingestion points: Device telemetry data is processed by the cognitum-iot anomalies command (SKILL.md).
  • Boundary markers: None identified to separate telemetry data from instructions.
  • Capability inventory: Uses Bash(npx *) and mcp__claude-flow__memory_store (SKILL.md).
  • Sanitization: No explicit sanitization or validation of the telemetry content is described before processing or storage.
Audit Metadata
Risk Level
SAFE
Analyzed
Jun 13, 2026, 01:22 PM
Security Audit — agent-trust-hub — iot-anomalies