harness-oia-audit
Pass
Audited by Gen Agent Trust Hub on Jun 18, 2026
Risk Level: SAFE
EXTERNAL_DOWNLOADS, COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The documentation references the use of `npx @claude-flow/cli@latest` to manage audit records. This command downloads and executes the utility from the npm registry.
- [COMMAND_EXECUTION]: The skill orchestrates the execution of multiple local CLI tools via `harness` sub-commands (`oia-manifest`, `threat-model`, `mcp-scan`) to perform security scans on specified paths.
- [DATA_EXFILTRATION]: Audit findings are persisted to a shared memory namespace (`metaharness-audit`). This is the primary intended behavior of the skill to enable drift detection across multiple runs.
- [PROMPT_INJECTION]: The skill processes untrusted local files during the audit phase, presenting an indirect prompt injection surface.
  - Ingestion points: Local files at the provided `<path>` are read by the `harness` scanner tools.
  - Boundary markers: No explicit delimiters are specified in the markdown instructions.
  - Capability inventory: The skill uses `Bash` to execute commands and performs network/storage operations to save audit records.
  - Sanitization: Sanitization is assumed to be handled by the underlying `harness` binaries or the `oia-audit.mjs` script.
Audit Metadata