kg-traverse
Pass
Audited by Gen Agent Trust Hub on May 7, 2026
Risk Level: SAFE
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill documentation suggests using
npx @claude-flow/cli@latestas a CLI alternative. This command fetches and executes the utility from the NPM registry. The package namespace matches theclaude-flowprefix used by the skill's authorized MCP tools. - [PROMPT_INJECTION]: The skill exhibits a surface for indirect prompt injection by retrieving and synthesizing external graph data.
- Ingestion points: The skill ingests entity names provided by the user and graph data retrieved from
mcp__claude-flow__agentdb_hierarchical-recallandmcp__claude-flow__agentdb_causal-edge. - Boundary markers: No explicit delimiters or instructions to ignore embedded commands are present in the synthesis steps.
- Capability inventory: The skill has access to the
Bashtool and a suite of agent database tools for search, routing, and synthesis. - Sanitization: The skill relies on the
mcp__claude-flow__agentdb_context-synthesizetool to process retrieved content without explicit sanitization or filtering of the graph data nodes.
Audit Metadata