Skills
skills/ruvnet/ruflo/cost-booster-route/Gen Agent Trust Hub

cost-booster-route

Pass

Audited by Gen Agent Trust Hub on May 5, 2026

Risk Level: SAFE
Full Analysis
  • [SAFE]: The skill's primary function is to wrap existing platform tools (hooks_route) to provide cost-efficiency reports. No unauthorized data access or malicious intent was detected.
  • [COMMAND_EXECUTION]: Employs the Bash tool to perform routine operations such as timestamp generation and interacting with a local memory store. These operations are limited to the skill's stated purpose of tracking and reporting.
  • [DATA_EXPOSURE]: Interacts with memory_search and memory_list to aggregate task history for auditing. This data access is localized to the agent's internal memory and does not involve exfiltration to external or unauthorized services.
  • [PROMPT_INJECTION]: The skill exhibits an indirect prompt injection surface as it processes task descriptions which may contain untrusted content.
  • Ingestion points: Task descriptions are ingested via CLI arguments or the memory_search tool (Step 1).
  • Boundary markers: None present to distinguish instructions from task data.
  • Capability inventory: Uses the Bash tool to store data and mcp__claude-flow__hooks_route for classification.
  • Sanitization: No explicit sanitization or escaping of the ingested task descriptions is performed before they are processed by the router.
Audit Metadata
Risk Level
SAFE
Analyzed
May 5, 2026, 04:24 AM