codspeed-optimize

Pass

Audited by Gen Agent Trust Hub on Mar 16, 2026

Risk Level: SAFE

Flags: COMMAND_EXECUTION, DATA_EXFILTRATION, PROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill relies on the agent executing various command-line tools to build and run benchmarks. This includes codspeed, cargo, pytest, go test, and npx. While these are standard development tools, the agent is granted the capability to run them autonomously on the user's system.
  • [DATA_EXFILTRATION]: The skill is designed to upload performance benchmarking results to the CodSpeed platform. This requires authentication via codspeed auth login and involves sending data about the codebase's execution characteristics to an external service.
  • [INDIRECT_PROMPT_INJECTION]: The skill possesses a vulnerability surface for indirect prompt injection.
      ◦ Ingestion points: The agent reads and processes local source code to identify optimization targets and also ingests benchmark data via MCP tools.
      ◦ Boundary markers: There are no explicit instructions or delimiters provided to warn the agent to ignore instructions embedded within the code it is optimizing.
      ◦ Capability inventory: The agent has the capability to write to the filesystem (to apply optimizations) and execute shell commands (to run benchmarks and build processes).
      ◦ Sanitization: No sanitization or validation of the input source code is specified before the agent attempts to interpret and modify it.
  • [DYNAMIC_EXECUTION]: The core loop of the skill involves the agent modifying local source code and subsequently executing that modified code through the benchmarking harness. This is an intended feature but represents a point of risk if the modifications are influenced by malicious input.
Audit Metadata
  • Risk Level: SAFE
  • Analyzed: Mar 16, 2026, 12:20 PM