web-performance

Pass

Audited by Gen Agent Trust Hub on Apr 14, 2026

Risk Level: SAFE
COMMAND_EXECUTION
Full Analysis
  • [COMMAND_EXECUTION]: The script scripts/performance-auditor.py executes the system curl command using a list-based subprocess.run call. This is used to capture network timing metrics for the URL being audited. The response body is discarded to /dev/null, preventing data leakage.
  • [COMMAND_EXECUTION]: The shell script scripts/bundle-analyzer.sh runs standard filesystem commands (du, ls) to report directory and file sizes for local build artifacts.
  • [SAFE]: The Python scripts use __import__ to load the standard datetime library for logging purposes. This use of dynamic importing is benign and serves the skill's diagnostic reporting goals.
  • [SAFE]: The skill processes user-provided URLs and local JSON statistics files for auditing purposes. Analysis confirms that data is processed safely without being executed as code or exfiltrated.
Audit Metadata
  • Risk Level: SAFE
  • Analyzed: Apr 14, 2026, 01:22 AM