performance-reporter
Pass
Audited by Gen Agent Trust Hub on May 15, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill is entirely instructional and template-driven. It does not contain any executable scripts (.sh, .py, .js), binaries, or automation code.
- [EXTERNAL_DOWNLOADS]: The skill references reference materials and templates hosted on the author's GitHub repository (github.com/aaron-he-zhu). These links point to official documentation within the vendor's project and do not involve remote code execution or untrusted third-party dependencies.
- [DATA_EXFILTRATION]: No network requests (curl, wget, fetch) or hardcoded credentials were found. The skill instructions guide the agent to save report results locally within a
memory/directory, which is standard for maintaining session context. - [PROMPT_INJECTION]: The instructions are focused on report parameters and metrics. No attempts to bypass safety filters, override system prompts, or extract internal instructions were detected.
- [COMMAND_EXECUTION]: There are no shell commands, privilege escalation attempts, or persistence mechanisms present in the provided files. The skill relies on the agent's native ability to process and format text data.
Audit Metadata