skills/ruvnet/ruflo/api-docs/Gen Agent Trust Hub

api-docs

Pass

Audited by Gen Agent Trust Hub on May 18, 2026

Risk Level: SAFEPROMPT_INJECTION
Full Analysis
  • [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection because it processes untrusted source code provided by the user.
  • Ingestion points: Reads source code files from the user-specified <source-path> referenced in the skill instructions.
  • Boundary markers: The skill does not implement delimiters or specific instructions to the agent to disregard instructions found within the code comments or content.
  • Capability inventory: The skill has access to tools such as Write, Bash (via npx), and mcp dispatch, which could be misdirected if the agent follows malicious instructions in the input.
  • Sanitization: No sanitization or validation of the input source code content is described in the skill.
Audit Metadata
Risk Level
SAFE
Analyzed
May 18, 2026, 05:35 PM