Process Flow Navigator

The skill bundle contains a command injection vulnerability in `scripts/navigate.sh`. The `get_node_code` function interpolates the `$node` shell variable directly into a `python3 -c` command string without sanitization, which could allow an attacker to execute arbitrary Python code. While the logic in `SKILL.md`, `README.md`, and `data/flow-rules.json` appears aligned with the stated purpose of business process navigation, the presence of this high-risk vulnerability requires a suspicious classification.