agentdb-query
Pass
Audited by Gen Agent Trust Hub on May 17, 2026
Risk Level: SAFE
PROMPT_INJECTION, COMMAND_EXECUTION, EXTERNAL_DOWNLOADS
Full Analysis
- [PROMPT_INJECTION]: The skill exposes an indirect prompt injection surface because it processes data retrieved from AgentDB, which could contain adversarial instructions.
  - Ingestion points: Data enters the agent context through the output of the mcp__claude-flow__agentdb_hierarchical-recall and mcp__claude-flow__agentdb_pattern-search tools referenced in SKILL.md.
  - Boundary markers: No specific delimiters or instructions to ignore embedded commands are present in the documentation.
  - Capability inventory: The skill allows the use of Bash and several database manipulation tools.
  - Sanitization: There is no evidence of output sanitization or validation of the content retrieved from the database.
- [EXTERNAL_DOWNLOADS]: The skill documentation suggests using npx @claude-flow/cli@latest, which downloads and executes the CLI tool from the public NPM registry.
- [COMMAND_EXECUTION]: The skill enables and provides examples for executing commands via Bash and the @claude-flow/cli tool to interact with the memory and pattern storage layers.