perf-investigation-logger
Pass
Audited by Gen Agent Trust Hub on Feb 20, 2026
Risk Level: SAFE NO_CODE PROMPT_INJECTION
Full Analysis
- [NO_CODE] (SAFE): The skill consists entirely of markdown instructions and does not include any Python scripts, Node.js packages, or binary executables.
- [PROMPT_INJECTION] (LOW): The skill is vulnerable to indirect prompt injection due to its requirement to record verbatim user input.
- Ingestion points: User quotes are captured and stored in {state-dir}/perf/investigations/<id>.md.
- Boundary markers: No specific delimiters or safety instructions are used to wrap the recorded quotes.
- Capability inventory: No executable capabilities or system commands are present in this skill.
- Sanitization: None; the instructions explicitly require verbatim capture, preserving potential injection payloads.
- [DATA_EXFILTRATION] (SAFE): No network access or external data transfer mechanisms were detected. Data is stored locally within the AI_STATE_DIR.