Skills
skills/ruvnet/claude-flow/rvf-manage/Gen Agent Trust Hub

rvf-manage

Pass

Audited by Gen Agent Trust Hub on Jun 13, 2026

Risk Level: SAFEEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
  • [EXTERNAL_DOWNLOADS]: The skill instructions utilize npx @claude-flow/cli@latest to perform memory transfer operations. This involves downloading and executing the latest version of a package from the npm registry.
  • [PROMPT_INJECTION]: The skill possesses a surface for indirect prompt injection as it is designed to import memory data (RVF files) which could contain adversarial instructions.
  • Ingestion points: Data enters the system via the mcp__claude-flow__memory_import_claude tool and the hooks transfer from-project command.
  • Capability inventory: The skill has access to the Bash tool and various memory manipulation tools, providing a path for injected instructions to trigger local command execution.
  • Sanitization: There are no documented sanitization or validation routines for the content of imported RVF files.
  • Boundary markers: The instructions do not specify the use of delimiters or 'ignore' directives to prevent the agent from obeying instructions embedded within the imported memory data.
Audit Metadata
Risk Level
SAFE
Analyzed
Jun 13, 2026, 01:23 PM
Security Audit — agent-trust-hub — rvf-manage