skills/ruvnet/ruflo/wasm-gallery/Gen Agent Trust Hub

wasm-gallery

Pass

Audited by Gen Agent Trust Hub on May 19, 2026

Risk Level: SAFE
Flags: COMMAND_EXECUTION, EXTERNAL_DOWNLOADS, PROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill allows the use of the Bash tool, granting the agent the capability to execute arbitrary shell commands within the environment.
  • [EXTERNAL_DOWNLOADS]: The skill's primary function is to fetch and install WebAssembly binaries from an external community gallery using the mcp__claude-flow__wasm_agent_create tool.
  • [PROMPT_INJECTION]: The skill has an attack surface for indirect prompt injection (Category 8) because it retrieves and processes content from a community gallery.
    • Ingestion points: Untrusted data enters the agent context via mcp__claude-flow__wasm_gallery_list and mcp__claude-flow__wasm_gallery_search (SKILL.md).
    • Boundary markers: The instructions define no delimiters around gallery content and give no warning to disregard instructions embedded within it.
    • Capability inventory: The agent has high-impact capabilities, including Bash access and the ability to deploy executable WASM agents.
    • Sanitization: There is no evidence of sanitization or filtering of the gallery data before it is presented to the agent.
Audit Metadata
Risk Level: SAFE
Analyzed: May 19, 2026, 10:46 PM
Security Audit — agent-trust-hub — wasm-gallery