iot-register
Pass
Audited by Gen Agent Trust Hub on Jun 13, 2026
Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill uses the 'Bash' tool to execute 'npx' commands for registering and managing IoT devices. Shell commands are constructed using variables such as 'ENDPOINT' and 'DEVICE_ID'.
- [EXTERNAL_DOWNLOADS]: Fetches and executes the latest version of the '@claude-flow/plugin-iot-cognitum' package from the NPM registry at runtime. While this is the intended purpose of the skill, it introduces a dependency on external code.
- [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection or command injection because the 'ENDPOINT' argument provided by the user is interpolated directly into a shell command string ('npx ... register ENDPOINT').
- Ingestion points: The '[endpoint]' argument defined in the frontmatter and used in the registration step.
- Boundary markers: None present to delimit the user input or prevent shell metacharacter interpretation.
- Capability inventory: The skill utilizes 'Bash(npx *)' and 'mcp__claude-flow__memory_store', providing capabilities for command execution and persistent storage.
- Sanitization: No sanitization or validation logic is defined to check the format or content of the 'ENDPOINT' variable before execution.
Audit Metadata