perf-benchmarker
Warn
Audited by Gen Agent Trust Hub on Feb 20, 2026
Risk Level: MEDIUMCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION] (MEDIUM): The skill extracts an arbitrary command string from user-provided arguments for execution. Evidence: The JavaScript parsing block in
SKILL.mdidentifies any non-numeric string as thecommandvariable. Risk: If the underlying agent executes this string in a shell environment, it is susceptible to command injection attacks using shell operators like semicolons or pipes. - [PROMPT_INJECTION] (LOW): The skill exhibits an indirect prompt injection surface. 1. Ingestion points: The
commandargument parsed from$ARGUMENTS. 2. Boundary markers: No delimiters or ignore-instructions are applied to the input command, thoughPERF_METRICS_START/ENDmarkers are used for output. 3. Capability inventory: Execution of external system commands. 4. Sanitization: The skill performs no validation, escaping, or allowlisting of the command string before processing.
Audit Metadata