frontend-performance

Pass

Audited by Gen Agent Trust Hub on Mar 10, 2026

Risk Level: SAFE, EXTERNAL_DOWNLOADS, COMMAND_EXECUTION
Full Analysis
  • [EXTERNAL_DOWNLOADS]: The skill uses npx lighthouse to perform performance audits. Lighthouse is an official tool maintained by Google, which is a trusted organization.
  • [EXTERNAL_DOWNLOADS]: The skill guides the user to install @next/bundle-analyzer. This is an official performance tool from Vercel, which is a trusted organization.
  • [COMMAND_EXECUTION]: The skill executes shell commands using npx, bun, cat, and jq to run performance audits and process the resulting JSON data. These are standard development workflows for frontend performance diagnostics.
  • [PROMPT_INJECTION]: The skill processes data from lighthouse.json using jq.
    • Ingestion points: lighthouse.json (SKILL.md)
    • Boundary markers: Structural data selection via jq filters
    • Capability inventory: Subprocess execution for auditing tools (npx, bun) and file system reads (cat)
    • Sanitization: The skill extracts specific numeric and string values from a structured JSON report generated by a trusted local tool, minimizing the risk of processing malicious instructions.
Audit Metadata
  • Risk Level: SAFE
  • Analyzed: Mar 10, 2026, 03:56 AM